Vulnerability Description
Directory traversal vulnerability in the AutartiTarot (com_autartitarot) component 1.0.3 for Joomla! allows remote authenticated users, with "Public Back-end" group permissions, to read arbitrary files via directory traversal sequences in the controller parameter in an edit task to administrator/index.php. NOTE: some of these details are obtained from third party information.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Autartica | Com Autartitarot | 1.0.3 |
| Joomla | Joomla\! | All versions |
Related Weaknesses (CWE)
References
- http://osvdb.org/62041Exploit
- http://packetstormsecurity.org/1001-exploits/joomlaautartitarot-traversal.txtExploit
- http://secunia.com/advisories/38434Vendor Advisory
- http://www.securityfocus.com/bid/38034Exploit
- http://osvdb.org/62041Exploit
- http://packetstormsecurity.org/1001-exploits/joomlaautartitarot-traversal.txtExploit
- http://secunia.com/advisories/38434Vendor Advisory
- http://www.securityfocus.com/bid/38034Exploit
FAQ
What is CVE-2010-0801?
CVE-2010-0801 is a vulnerability with a CVSS score of 3.5 (LOW). Directory traversal vulnerability in the AutartiTarot (com_autartitarot) component 1.0.3 for Joomla! allows remote authenticated users, with "Public Back-end" group permissions, to read arbitrary file...
How severe is CVE-2010-0801?
CVE-2010-0801 has been rated LOW with a CVSS base score of 3.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-0801?
Check the references section above for vendor advisories and patch information. Affected products include: Autartica Com Autartitarot, Joomla Joomla\!.