CVE-2010-0801

Опубликовано: 02 мар. 2010

Источник: nvd

CVSS2: 3.5

EPSS Низкий

Описание

Directory traversal vulnerability in the AutartiTarot (com_autartitarot) component 1.0.3 for Joomla! allows remote authenticated users, with "Public Back-end" group permissions, to read arbitrary files via directory traversal sequences in the controller parameter in an edit task to administrator/index.php. NOTE: some of these details are obtained from third party information.

Ссылки

http://osvdb.org/62041
Exploit
http://packetstormsecurity.org/1001-exploits/joomlaautartitarot-traversal.txt
Exploit
http://secunia.com/advisories/38434
Vendor Advisory
http://www.securityfocus.com/bid/38034
Exploit
http://osvdb.org/62041
Exploit
http://packetstormsecurity.org/1001-exploits/joomlaautartitarot-traversal.txt
Exploit
http://secunia.com/advisories/38434
Vendor Advisory
http://www.securityfocus.com/bid/38034
Exploit

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:autartica:com_autartitarot:1.0.3:*:*:*:*:*:*:*

cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:*

EPSS

Процентиль: 84%

0.02195

Низкий

3.5 Low

CVSS2

Дефекты

CWE-22

Связанные уязвимости

GHSA-frgp-qr7c-8f9q

github

почти 4 года назад