CVE-2010-2122
published 2010-06-01
CVE-2010-2122: Directory traversal vulnerability in the SimpleDownload (com_simpledownload) component before 0.9.6 for Joomla! allows remote attackers to include and execute…
Priority P349 · medium · 6.8 CVSS 2.0
AV:N/AC:M/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 11.66% (95.5th percentile)
Directory traversal vulnerability in the SimpleDownload (com_simpledownload) component before 0.9.6 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| joelrowley | com_simpledownload | — | — |
No detection rules found.
Exploit-DB
Joomla! Component simpledownload 0.9.5 - Local File Inclusion
exploitdb·2010-05-16
---
[!]===========================================================================[!]
[~] Joomla Component simpledownload LFI Vulnerability
[~] Author : Xr0b0t ([email protected])
[~] Homepage : http://www.indonesiancoder.com | http://Xr0b0t.name | http://Malangcyber.com
[~] Date : 16 Mei, 2010
[!]===========================================================================[!]
[ Software Information ]
[+] Vendor : http://joomla.joelrowley.com/
[+] Price : free
[+] Vulnerability : LFI
[+] Dork : inurl:"com_simpledownload" ;)
[+] Version : 0.9.5 maybe lower also affected
[!]===========================================================================[!]
[ Vulnerable File ]
http://127.0.0.1//index.php?option=com_simpledownlo
Exploit-DB
Joomla! Component simpledownload 0.9.5 - Local File Disclosure
exploitdb·2010-05-16
---
[!]==========================================[!]
[~] Joomla Component simpledownload Remote File Disclouse
[~] Author : altbta ([email protected])
[~] Homepage : [ v4-team.com ] & [ xp10.me ]
[~] Date : 16 Mei, 2010
[!]==========================================[!]
[ Software Information ]
[+] Vendor : http://joomla.joelrowley.com/
[+] Price : free
[+] Vulnerability : Remote File Disclouse
[+] Dork : inurl:"com_simpledownload" ;)
[+] Version : 0.9.5 maybe lower also affected
[!]==========================================[!]
===[ Exploit ]===
http://site/index.php?option=com_simpledownload&task=download&fileid=[file]
http://site/index.php?option=com_simpledownload&task=download&fileid=/configuration.php
[!]=========~~{
Exploit-DB
AOL Instant Messenger 4.0/4.1.2010/4.2.1193 - BuddyIcon Buffer Overflow
exploitdb·2000-12-12
---
source: https://www.securityfocus.com/bid/2122/info
AOL Instant Messenger (AIM) is a real time messaging service for users that are on line. When AOL Instant Messenger is installed, by default it configures the system so that the aim: URL protocol connects aim:// urls to the AIM client. There exists a buffer overflow in parsing aim:// URL parameters.
The buffer overflow has to do with the parsing of parameters associated with the "buddyicon" option. The stack overflow will occur if the "Source" parameter, which arguments the buddyicon option, is more than 3000 characters in length. It may be possible to execute arbitrary code. Since this vulnerability manifests itself in an URL, a user needs only to click on th
Nuclei
Joomla! Component simpledownload <=0.9.5 - Arbitrary File Retrieval
nuclei·CVSS 6.8
A directory traversal vulnerability in the SimpleDownload (com_simpledownload) component before 0.9.6 for Joomla! allows remote attackers to retrieve arbitrary files via a .. (dot dot) in the controller parameter to index.php.
Template:

```yaml
id: CVE-2010-2122

info:
  name: Joomla! Component simpledownload <=0.9.5 - Arbitrary File Retrieval
  author: daffainfo
  severity: medium
  description: A directory traversal vulnerability in the SimpleDownload (com_simpledownload) component before 0.9.6 for Joomla! allows remote attackers to retrieve arbitrary files via a .. (dot dot) in the controller parameter to index.php.
  impact: |
    An attacker can retrieve arbitrary files from the server, potentially leading to unauthorized access or sens
```
http://extensions.joomla.org/extensions/directory-a-documentation/downloads/10717
http://packetstormsecurity.org/1005-exploits/joomlasimpledownload-lfi.txt
http://secunia.com/advisories/39871
http://www.exploit-db.com/exploits/12618
http://www.osvdb.org/64743
http://www.securityfocus.com/archive/1/511305/100/0/threaded
http://www.securityfocus.com/bid/40192
https://exchange.xforce.ibmcloud.com/vulnerabilities/58625