CVE-2010-4617
published 2010-12-29CVE-2010-4617: Directory traversal vulnerability in the JotLoader (com_jotloader) component 2.2.1 for Joomla! allows remote attackers to read arbitrary files via directory…
PriorityP346medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EXPLOIT
EPSS
8.57%
94.4th percentile
Directory traversal vulnerability in the JotLoader (com_jotloader) component 2.2.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the section parameter to index.php.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| kanich | com_jotloader | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Joomla! Component JotLoader 2.2.1 - Local File Inclusion
exploitdb·2010-12-20
CVE-2010-4617 Joomla! Component JotLoader 2.2.1 - Local File Inclusion
Joomla! Component JotLoader 2.2.1 - Local File Inclusion
---
) ) ) ( ( ( ( ( ) )
( /(( /( ( ( /( ( ( ( )\ ))\ ) )\ ))\ ) )\ ) ( /( ( /(
)\())\()))\ ) )\()) )\ )\ )\ (()/(()/( ( (()/(()/((()/( )\()) )\())
((_)((_)\(()/( ((_)((((_)( (((_)(((_)( /(_))(_)) )\ /(_))(_))/(_))(_)\|((_)\
__ ((_)((_)/(_))___ ((_)\ _ )\ )\___)\ _ )\(_))(_))_ ((_)(_))(_)) (_)) _((_)_ ((_)
\ \ / / _ (_)) __\ \ / (_)_\(_)(/ __(_)_\(_) _ \| \| __| _ \ | |_ _|| \| | |/ /
\ V / (_) || (_ |\ V / / _ \ | (__ / _ \ | /| |) | _|| / |__ | | | .` | ' <
|_| \___/ \___| |_| /_/ \_\ \___/_/ \_\|_|_\|___/|___|_|_\____|___||_|\_|_|\_\
.WEB.ID
Joomla Component Jotloader 2.2.1 Local File Inclusion Vulnerability
Author : v3n0m (v3n0m666[at]live[dot]com)
Site : http://yogyacarderlink.web.id/
Date : December, 20-2010
Location : Jakarta
Nuclei
Joomla! Component JotLoader 2.2.1 - Local File Inclusion
nuclei·CVSS 6.8
CVE-2010-4617 [MEDIUM] Joomla! Component JotLoader 2.2.1 - Local File Inclusion
Joomla! Component JotLoader 2.2.1 - Local File Inclusion
A directory traversal vulnerability in the JotLoader (com_jotloader) component 2.2.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the section parameter to index.php.
Template:
id: CVE-2010-4617
info:
name: Joomla! Component JotLoader 2.2.1 - Local File Inclusion
author: daffainfo
severity: medium
description: A directory traversal vulnerability in the JotLoader (com_jotloader) component 2.2.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the section parameter to index.php.
impact: |
Successful exploitation of this vulnerability can lead to unauthorized access to sensitive files.
remediation: Upgrade to the latest version to miti
http://packetstormsecurity.org/files/view/96812/joomlajotloader-lfi.txthttp://www.exploit-db.com/exploits/15791https://exchange.xforce.ibmcloud.com/vulnerabilities/64223http://packetstormsecurity.org/files/view/96812/joomlajotloader-lfi.txthttp://www.exploit-db.com/exploits/15791https://exchange.xforce.ibmcloud.com/vulnerabilities/64223
2010-12-29
Published