Lucene search

[email protected]CVE-2010-0759

HistoryFeb 27, 2010 - 12:30 a.m.

CVE-2010-0759

2010-02-2700:30:00

CWE-22

[email protected]

web.nvd.nist.gov

cve-2010-0759

directory traversal

core design scriptegrator

joomla

vulnerability

remote attack

arbitrary files

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.3%

JSON

Directory traversal vulnerability in plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allows remote attackers to read, and possibly include and execute, arbitrary files via directory traversal sequences in the files[] parameter, a different vector than CVE-2010-0760.

Affected configurations

NVD

Node

greatjoomlascriptegrator_pluginMatch1.4.1

AND

joomlajoomla\!

CPENameOperatorVersion
greatjoomla:scriptegrator_plugingreatjoomla scriptegrator plugineq1.4.1

CPE	Name	Operator	Version
greatjoomla:scriptegrator_plugin	greatjoomla scriptegrator plugin	eq	1.4.1

References

packetstormsecurity.org/1002-exploits/joomlascriptegrator-lfi.txt

secunia.com/advisories/38637

www.exploit-db.com/exploits/11498

www.osvdb.org/62486

www.securityfocus.com/bid/38296

exchange.xforce.ibmcloud.com/vulnerabilities/56380

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.3%

JSON

Related for CVE-2010-0759

prion2 nvd2 cvelist2 cve1 nessus1 nuclei1