VYPR

mosDirectory

by Joomla

CVEs (2)

  • CVE-2008-0690Feb 12, 2008
    risk 0.04cvss epss 0.09

    SQL injection vulnerability in index.php in the mosDirectory (com_directory) 2.3.2 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a viewcat action.

  • CVE-2007-6555Dec 28, 2007
    risk 0.03cvss epss 0.06

    PHP remote file inclusion vulnerability in modules/mod_pxt_latest.php in the mosDirectory (com_directory) 2.3.2 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[mosConfig_absolute_path] parameter.