CVE-2010-0801

Sažetak

Directory traversal vulnerability in the AutartiTarot (com_autartitarot) component 1.0.3 for Joomla! allows remote authenticated users, with "Public Back-end" group permissions, to read arbitrary files via directory traversal sequences in the controller parameter in an edit task to administrator/index.php. NOTE: some of these details are obtained from third party information.

Reference

http://osvdb.org/62041
http://packetstormsecurity.org/1001-exploits/joomlaautartitarot-traversal.txt
http://secunia.com/advisories/38434
http://www.securityfocus.com/bid/38034

CVSS

Base:	3.5
Impact:	2.9
Exploitability:	6.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:M/Au:S/C:P/I:N/A:N

Zadnje važnije ažuriranje

03-03-2010 - 05:00

Objavljeno

02-03-2010 - 20:30