Vulnerabilities > Joomlaworks

DATE CVE VULNERABILITY TITLE RISK
2018-02-28 CVE-2018-7482 Path Traversal vulnerability in Joomlaworks K2 2.8.0
The K2 component 2.8.0 for Joomla! has Incorrect Access Control with directory traversal, allowing an attacker to download arbitrary files, as demonstrated by a view=media&task=connector&cmd=file&target=l1_../configuration.php&download=1 request.
network
low complexity
joomlaworks CWE-22
7.5