Lucene search

[email protected]CVE-2010-0157

HistoryOct 03, 2022 - 4:21 p.m.

CVE-2010-0157

2022-10-0316:21:11

CWE-22

[email protected]

web.nvd.nist.gov

cve

2010

0157

directory traversal

vulnerability

bible study

joomla

remote attack

arbitrary file execution

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6 Medium

AI Score

Confidence

High

0.234 Low

EPSS

Percentile

96.6%

JSON

Directory traversal vulnerability in the Bible Study (com_biblestudy) component 6.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the controller parameter in a studieslist action to index.php.

Affected configurations

NVD

Node

joomlajoomla\!

AND

joomlabiblestudycom_biblestudyMatch6.1

CPENameOperatorVersion
joomlabiblestudy:com_biblestudyjoomlabiblestudy com biblestudyeq6.1

CPE	Name	Operator	Version
joomlabiblestudy:com_biblestudy	joomlabiblestudy com biblestudy	eq	6.1

References

packetstormsecurity.org/1001-exploits/joomlabiblestudy-lfi.txt

secunia.com/advisories/37896

www.securityfocus.com/bid/37583

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6 Medium

AI Score

Confidence

High

0.234 Low

EPSS

Percentile

96.6%

JSON

Related for CVE-2010-0157

nvd1 cvelist1 checkpoint_advisories1 prion1 nuclei1 nessus1