CVE-2010-0944
published 2010-03-08CVE-2010-0944: Directory traversal vulnerability in the JCollection (com_jcollection) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot)…
PriorityP338medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
14.04%
96.1th percentile
Directory traversal vulnerability in the JCollection (com_jcollection) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Thorsten Riess Com Jcollection index.php controller path traversal (EDB-11088 / Nessus ID 43636)
vuldb·2026-05-02·CVSS 5.0
CVE-2010-0944 [MEDIUM] Thorsten Riess Com Jcollection index.php controller path traversal (EDB-11088 / Nessus ID 43636)
A vulnerability identified as problematic has been detected in Thorsten Riess Com Jcollection. The impacted element is an unknown function of the file index.php. The manipulation of the argument controller leads to path traversal.
This vulnerability is listed as CVE-2010-0944. The attack may be initiated remotely. In addition, an exploit is available.
GHSA
GHSA-m7q8-8fgq-qmc2: Directory traversal vulnerability in the JCollection (com_jcollection) component for Joomla! allows remote attackers to read arbitrary files via a
ghsa_unreviewed·2022-05-02
CVE-2010-0944 [MEDIUM] CWE-22 GHSA-m7q8-8fgq-qmc2: Directory traversal vulnerability in the JCollection (com_jcollection) component for Joomla! allows remote attackers to read arbitrary files via a
Directory traversal vulnerability in the JCollection (com_jcollection) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
No detection rules found.
Exploit-DB
Joomla! Component com_jcollection - Directory Traversal
exploitdb·2010-01-10
CVE-2010-0944 Joomla! Component com_jcollection - Directory Traversal
Joomla! Component com_jcollection - Directory Traversal
---
@~~=======================================~~@
@~~=Script : Joomla Component com_jcollection
@~~=Author : FL0RiX
@~~=Greez : Dost mu var?
@~~=Bug Type : Directory Traversal
@~~=Dork : inurl:"com_jcollection "
@~~=Note: Kimseye Hakettiginden Fazla Deger Vermeyeceksin.
@~~=======================================~~@
@~~=Vuln.
: http://site/ [Yol] /index.php?option=com_jcollection&controller=../../../../../../../etc/passwd%00
Nuclei
Joomla! Component com_jcollection - Directory Traversal
nuclei·CVSS 5.0
CVE-2010-0944 [MEDIUM] Joomla! Component com_jcollection - Directory Traversal
Joomla! Component com_jcollection - Directory Traversal
A directory traversal vulnerability in the JCollection (com_jcollection) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
Template:
id: CVE-2010-0944
info:
name: Joomla! Component com_jcollection - Directory Traversal
author: daffainfo
severity: medium
description: A directory traversal vulnerability in the JCollection (com_jcollection) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
impact: |
An attacker can exploit this vulnerability to read arbitrary files on the server.
remediation: Apply all relevant security patches and product upgrades.
reference:
- https://www.
No writeups or analysis indexed.
http://packetstormsecurity.org/1001-exploits/joomlajcollection-traversal.txthttp://www.exploit-db.com/exploits/11088http://www.securityfocus.com/bid/37691https://exchange.xforce.ibmcloud.com/vulnerabilities/55514http://packetstormsecurity.org/1001-exploits/joomlajcollection-traversal.txthttp://www.exploit-db.com/exploits/11088http://www.securityfocus.com/bid/37691https://exchange.xforce.ibmcloud.com/vulnerabilities/55514
2010-03-08
Published