CVE-2010-1953

2010-05-1912:07:52

CWE-22

mitre

web.nvd.nist.gov

cve

2010

1953

directory traversal

vulnerability

inetlanka

multiple map

joomla

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

5.6

Confidence

High

EPSS

0.057

Percentile

93.4%

JSON

Directory traversal vulnerability in the iNetLanka Multiple Map (com_multimap) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a … (dot dot) in the controller parameter to index.php.

Affected configurations

Nvd

Node

joomlacomponent.inetlankacom_multimapMatch1.0

AND

joomlajoomla\!

VendorProductVersionCPE
joomlacomponent.inetlankacom_multimap1.0cpe:2.3:a:joomlacomponent.inetlanka:com_multimap:1.0:*:*:*:*:*:*:*
joomlajoomla\!*cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
joomlacomponent.inetlanka	com_multimap	1.0	cpe:2.3:a:joomlacomponent.inetlanka:com_multimap:1.0:::::::*
joomla	joomla\!	*	cpe:2.3:a:joomla:joomla\!::::::::