CVE-2010-2680
published 2010-07-12CVE-2010-2680: Directory traversal vulnerability in the JExtensions JE Section/Property Finder (jesectionfinder) component for Joomla! allows remote attackers to include and…
PriorityP342medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EXPLOIT
EPSS
4.85%
90.9th percentile
Directory traversal vulnerability in the JExtensions JE Section/Property Finder (jesectionfinder) component for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the view parameter to index.php.
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Joomla! Component jesectionfinder - Local File Inclusion
exploitdb·2010-06-26
CVE-2010-2680 Joomla! Component jesectionfinder - Local File Inclusion
Joomla! Component jesectionfinder - Local File Inclusion
---
Name : Joomla jesectionfinder LFI Vulnerability
Date : june, 26 2010
Critical Level : HIGH
Vendor Url : http://joomlaextensions.co.in/component/awd_song/
Google Dork: inurl:/component/jesectionfinder/
Price:$25.00
Author : Sid3^effects aKa HaRi
special thanks to : r0073r (inj3ct0r.com),L0rd CruSad3r,MaYur,MA1201,KeDar,Sonic,gunslinger_
greetz to :www.topsecure.net ,All ICW members and my friends :) luv y0 guyz
#######################################################################################################
Description:
This component for web-based business that specialises in buying and selling sections nationwide. Our aim is easy to connect the seller of
land directly to the buyer, its simple.
Easy to handle that compo
Nuclei
Joomla! Component jesectionfinder - Local File Inclusion
nuclei·CVSS 6.8
CVE-2010-2680 [MEDIUM] Joomla! Component jesectionfinder - Local File Inclusion
Joomla! Component jesectionfinder - Local File Inclusion
A directory traversal vulnerability in the JExtensions JE Section/Property Finder (jesectionfinder) component for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the view parameter to index.php.
Template:
id: CVE-2010-2680
info:
name: Joomla! Component jesectionfinder - Local File Inclusion
author: daffainfo
severity: medium
description: A directory traversal vulnerability in the JExtensions JE Section/Property Finder (jesectionfinder) component for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the view parameter to index.php.
impact: |
Remote attackers can include and execute arbitrary local files
http://packetstormsecurity.org/1006-exploits/joomlajesectionfinder-lfi.txthttp://www.exploit-db.com/exploits/14064http://www.securityfocus.com/bid/41163https://exchange.xforce.ibmcloud.com/vulnerabilities/59796http://packetstormsecurity.org/1006-exploits/joomlajesectionfinder-lfi.txthttp://www.exploit-db.com/exploits/14064http://www.securityfocus.com/bid/41163https://exchange.xforce.ibmcloud.com/vulnerabilities/59796
2010-07-12
Published