CVE-2010-0943
published 2010-03-08CVE-2010-0943: Directory traversal vulnerability in the JA Showcase (com_jashowcase) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot)…
PriorityP340medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
16.36%
96.6th percentile
Directory traversal vulnerability in the JA Showcase (com_jashowcase) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a jashowcase action to index.php.
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Joomlart Com Jashowcase index.php controller path traversal (EDB-11090 / XFDB-55512)
vuldb·2026-05-02·CVSS 5.0
CVE-2010-0943 [MEDIUM] Joomlart Com Jashowcase index.php controller path traversal (EDB-11090 / XFDB-55512)
A vulnerability categorized as problematic has been discovered in Joomlart Com Jashowcase. The affected element is an unknown function of the file index.php. Executing a manipulation of the argument controller can lead to path traversal.
This vulnerability is tracked as CVE-2010-0943. The attack can be launched remotely. Moreover, an exploit is present.
GHSA
GHSA-cr8r-x5cw-72fh: Directory traversal vulnerability in the JA Showcase (com_jashowcase) component for Joomla! allows remote attackers to read arbitrary files via a
ghsa_unreviewed·2022-05-02
CVE-2010-0943 [MEDIUM] CWE-22 GHSA-cr8r-x5cw-72fh: Directory traversal vulnerability in the JA Showcase (com_jashowcase) component for Joomla! allows remote attackers to read arbitrary files via a
Directory traversal vulnerability in the JA Showcase (com_jashowcase) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a jashowcase action to index.php.
No detection rules found.
Exploit-DB
Joomla! Component com_jashowcase - Directory Traversal
exploitdb·2010-01-10
CVE-2010-0943 Joomla! Component com_jashowcase - Directory Traversal
Joomla! Component com_jashowcase - Directory Traversal
---
@~~=======================================~~@
@~~=Script : Joomla Component com_jashowcase
@~~=Author : FL0RiX
@~~=Greez : Deep-Power ,Pyske,Wretch-x & All Friends
@~~=Bug Type : Directory Traversal
@~~=Dork : inurl:"com_jashowcase "
@~~=Note : Kimseye Hakettiginden Fazla Deger Vermeyecekmissin..!!
@~~=======================================~~@
@~~=Vuln.
: http://site/ [Yol] /index.php?option=com_jashowcase&view=jashowcase&controller=../../../../../../../etc/passwd%00
Nuclei
Joomla! Component com_jashowcase - Directory Traversal
nuclei·CVSS 5.0
CVE-2010-0943 [MEDIUM] Joomla! Component com_jashowcase - Directory Traversal
Joomla! Component com_jashowcase - Directory Traversal
A directory traversal vulnerability in the JA Showcase (com_jashowcase) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a jashowcase action to index.php.
Template:
id: CVE-2010-0943
info:
name: Joomla! Component com_jashowcase - Directory Traversal
author: daffainfo
severity: medium
description: A directory traversal vulnerability in the JA Showcase (com_jashowcase) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a jashowcase action to index.php.
impact: |
An attacker can exploit this vulnerability to read arbitrary files on the server.
remediation: |
Update to the latest version of Joomla!
http://packetstormsecurity.org/1001-exploits/joomlajashowcase-traversal.txthttp://secunia.com/advisories/33486http://www.exploit-db.com/exploits/11090http://www.securityfocus.com/bid/37692https://exchange.xforce.ibmcloud.com/vulnerabilities/55512http://packetstormsecurity.org/1001-exploits/joomlajashowcase-traversal.txthttp://secunia.com/advisories/33486http://www.exploit-db.com/exploits/11090http://www.securityfocus.com/bid/37692https://exchange.xforce.ibmcloud.com/vulnerabilities/55512
2010-03-08
Published