Published: 23/03/2010 Updated: 24/03/2010

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Directory traversal vulnerability in the Community Polls (com_communitypolls) component 1.5.2, and possibly earlier, for Core Joomla! allows remote malicious users to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
corejoomla com_communitypolls 1.5.1
corejoomla com_communitypolls 1.0.9
corejoomla com_communitypolls 1.0.4
corejoomla com_communitypolls 1.0.2
corejoomla com_communitypolls 1.0.8
corejoomla com_communitypolls 1.0.7
corejoomla com_communitypolls 1.0.6
corejoomla com_communitypolls 1.0.5
corejoomla com_communitypolls
corejoomla com_communitypolls 1.5.0
corejoomla com_communitypolls 1.0.3
corejoomla com_communitypolls 1.0.1

[!]===========================================================================[!] [~] Joomla Component com_communitypolls LFI Vulnerability [~] Author : kaMtiEz (kamzcrew@yahoocom) [~] Homepage : wwwindonesiancodercom [~] Date : 16 February, 2010 [!]===========================================================================[!] [ Softw ...

CWE-22 http://osvdb.org/62506 http://www.corejoomla.com/component/content/article/1-corejoomla-updates/40-community-polls-v153-security-release.html http://www.securityfocus.com/bid/38330 http://secunia.com/advisories/38692 http://packetstormsecurity.org/1002-exploits/joomlacp-lfi.txt https://nvd.nist.gov https://www.exploit-db.com/exploits/11511/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-1081

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect