Xr0B0T

**Name of the Vulnerable Software and Affected Versions** Joomla! SimpleDownload component versions prior to 0.9.6 **Description** A directory traversal issue exists in the SimpleDownload component for Joomla!, allowing remote attackers to include and execute arbitrary local files. This is achieved by using a .. (dot dot) in the `controller` parameter to `index.php`. **Recommendations** For versions prior to 0.9.6, update the SimpleDownload component to version 0.9.6 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Moron Solutions MS Comment (com mscomment) component version 0.8.0b for Joomla! **Description** The issue allows remote attackers to read arbitrary files via a .. (dot dot) in the `controller` parameter to "index.php". **Recommendations** For version 0.8.0b, consider restricting access to the "index.php" endpoint until a patch is available. Avoid using the `controller` parameter in the affected endpoint until the issue is resolved.