VYPR

Fabrik

by Fabrikar

CVEs (3)

  • CVE-2018-10727MedOct 29, 2019
    risk 0.40cvss 6.1epss 0.01

    Reflected Cross-Site Scripting (XSS) vulnerability in the fabrik_referrer hidden field in the Fabrikar Fabrik component through v3.8.1 for Joomla! allows remote attackers to inject arbitrary web script via the HTTP Referer header.

  • CVE-2010-1981May 19, 2010
    risk 0.04cvss epss 0.12

    Directory traversal vulnerability in the Fabrik (com_fabrik) component 2.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.

  • CVE-2011-5004Dec 25, 2011
    risk 0.00cvss epss 0.02

    Unrestricted file upload vulnerability in models/importcsv.php in the Fabrik (com_fabrik) component before 2.1.1 for Joomla! allows remote authenticated users with Manager privileges to execute arbitrary code by uploading a file with an executable extension, then accessing it…