Published: 02/02/2010 Updated: 26/01/2024

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 5.8 | Impact Score: 1.4 | Exploitability Score: 3.9

VMScore: 510

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Directory traversal vulnerability in the ccNewsletter (com_ccnewsletter) component 1.0.5 for Joomla! allows remote malicious users to read arbitrary files via a .. (dot dot) in the controller parameter in a ccnewsletter action to index.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
chillcreations com_ccnewsletter 1.0.5

[~]>> [BEGIN ADVISORY] !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! [~]>> TITLE: Joomla (com_ccnewsletter) Directory Traversal Vulnerability [~]>> LANGUAGE: PHP [~]>> DORK: N/A [~]>> RESEARCHER: B-HUNT3|2 [~]>> CONTACT: bhunt3r[at_no_spam]gmail[dot_no_spam]com [~]>&gt ...

Joomla Component com_ccnewsletter Local File Inclusion ========================================================== ########################################### : Author : AtT4CKxT3rR0r1ST : Email : FHack@wcn : Home : wwwsec-attackcom/vb : Script : Joomla Component com_ccnewsletter : Bug Type ...

CWE-22 http://www.securityfocus.com/bid/37987 http://www.chillcreations.com/en/blog/ccnewsletter-joomla-newsletter/ccnewsletter-106-security-release.html http://secunia.com/advisories/38378 http://www.exploit-db.com/exploits/11282 http://www.exploit-db.com/exploits/11277 https://exchange.xforce.ibmcloud.com/vulnerabilities/55953 https://nvd.nist.gov https://www.exploit-db.com/exploits/11277/

CVE-2010-0467

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect