Published: 01/06/2010 Updated: 10/10/2018

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 690

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Directory traversal vulnerability in the SimpleDownload (com_simpledownload) component prior to 0.9.6 for Joomla! allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
joelrowley com_simpledownload 0.9.5

[!]===========================================================================[!] [~] Joomla Component simpledownload LFI Vulnerability [~] Author : Xr0b0t (nycodanis@gmailcom) [~] Homepage : wwwindonesiancodercom | Xr0b0tname | Malangcybercom [~] Date : 16 Mei, 2010 [!]================================================= ...

[!]==========================================[!] [~] Joomla Component simpledownload Remote File Disclouse [~] Author : altbta (l_9@hotmailcom) [~] Homepage : [ v4-teamcom ] & [ xp10me ] [~] Date : 16 Mei, 2010 [!]==========================================[!] [ Software Information ] [+] Vendor : joomlajoelrowleycom/ [+] Price : ...

CWE-22 http://www.exploit-db.com/exploits/12618 http://www.securityfocus.com/bid/40192 http://extensions.joomla.org/extensions/directory-a-documentation/downloads/10717 http://packetstormsecurity.org/1005-exploits/joomlasimpledownload-lfi.txt http://www.osvdb.org/64743 http://secunia.com/advisories/39871 https://exchange.xforce.ibmcloud.com/vulnerabilities/58625 http://www.securityfocus.com/archive/1/511305/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/12618/

CVE-2010-2122

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect