CVE-2010-2920
published 2010-07-30CVE-2010-2920: Directory traversal vulnerability in the Foobla Suggestions (com_foobla_suggestions) component 1.5.1.2 for Joomla! allows remote attackers to read arbitrary…
PriorityP343medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EXPLOIT
EPSS
5.69%
92.0th percentile
Directory traversal vulnerability in the Foobla Suggestions (com_foobla_suggestions) component 1.5.1.2 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| foobla | com_foobla_suggestions | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Joomla! Component Foobla Suggestions 1.5.1.2 - Local File Inclusion
exploitdb·2010-04-09
CVE-2010-2920 Joomla! Component Foobla Suggestions 1.5.1.2 - Local File Inclusion
Joomla! Component Foobla Suggestions 1.5.1.2 - Local File Inclusion
---
Joomla Component Foobla Suggestions Local File Inclusion
Author : Chip D3 Bi0s
Email : chipdebios[alt+64]gmail.com
Date : April 08, 2010
Critical Lvl : Moderate
Impact : Exposure of sensitive information
Where : From Remote
Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~~
Application : foobla Suggestions
version : 1.5.1.2
Developer : foobla
License : GPL type : Commercial
Date Added : Dec 21, 2009
Download : http://foobla.com/products/featured-joomla-extensions/foobla-suggestions-for-joomla.html
Description :
Have you ever used Uservoice? Would you like to have something similar on Joomla but with unlimited features and no monthly fee?
The foobla Suggestions allows you to collect ideas, suggestions, a
Nuclei
Joomla! Component Foobla Suggestions 1.5.1.2 - Local File Inclusion
nuclei·CVSS 6.8
CVE-2010-2920 [MEDIUM] Joomla! Component Foobla Suggestions 1.5.1.2 - Local File Inclusion
Joomla! Component Foobla Suggestions 1.5.1.2 - Local File Inclusion
A directory traversal vulnerability in the Foobla Suggestions (com_foobla_suggestions) component 1.5.1.2 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php.
Template:
id: CVE-2010-2920
info:
name: Joomla! Component Foobla Suggestions 1.5.1.2 - Local File Inclusion
author: daffainfo
severity: medium
description: A directory traversal vulnerability in the Foobla Suggestions (com_foobla_suggestions) component 1.5.1.2 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php.
impact: |
Remote attackers can read arbitrary files on the server, potentially exposing se
http://packetstormsecurity.org/1004-exploits/joomlafoobla-lfi.txthttp://www.exploit-db.com/exploits/12120http://www.securityfocus.com/bid/39341http://www.vupen.com/english/advisories/2010/1844https://exchange.xforce.ibmcloud.com/vulnerabilities/57660http://packetstormsecurity.org/1004-exploits/joomlafoobla-lfi.txthttp://www.exploit-db.com/exploits/12120http://www.securityfocus.com/bid/39341http://www.vupen.com/english/advisories/2010/1844https://exchange.xforce.ibmcloud.com/vulnerabilities/57660
2010-07-30
Published