Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2010-2129

Published: 01/06/2010 Updated: 17/08/2017
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 685
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Harmistechnology

Vulnerability Summary

Directory traversal vulnerability in the JE Ajax Event Calendar (com_jeajaxeventcalendar) component 1.0.1 and 1.0.3 for Joomla! allows remote malicious users to read arbitrary files via a .. (dot dot) in the view parameter to index.php. NOTE: some of these details are obtained from third party information.

Vulnerable Product Search on Vulmon Subscribe to Product

harmistechnology com_jeajaxeventcalendar 1.0.1

harmistechnology com_jeajaxeventcalendar 1.0.3

Exploits

Exploit DB: JE Ajax Event Calendar - Local File Inclusion
# Exploit Title: JE Ajax Event Calendar Local File Inclusion Vulnerability # Date: 14052010 # Author: Valentin # Category: webapps/0day # Version: 103 # Tested on: # CVE : # Code : [:::::::::::::::::::::::::::::::::::::: 0x1 ::::::::::::::::::::::::::::::::::::::] >> General Information Advisory/Exploit Title = JE Ajax Event Calend ...

References

CWE-22http://packetstormsecurity.org/1005-exploits/joomlaajaxec-lfi.txthttp://www.exploit-db.com/exploits/12598http://www.securityfocus.com/bid/40179http://www.osvdb.org/64704http://secunia.com/advisories/39836http://www.xenuser.org/2010/05/14/joomla-component-je-ajax-event-calendar-local-file-inclusion-vulnerability/https://exchange.xforce.ibmcloud.com/vulnerabilities/58602https://nvd.nist.govhttps://www.exploit-db.com/exploits/12598/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryptionCVE-2024-4331CVE-2024-26925arbitrary codeCVE-2006-4304CVE-2024-25458CVE-2024-27077reflected XSSCVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook