Lucene search

[email protected]CVE-2010-0760

HistoryOct 03, 2022 - 4:21 p.m.

CVE-2010-0760

2022-10-0316:21:12

CWE-22

[email protected]

web.nvd.nist.gov

information security

cve-2010-0760

directory traversal

core design scriptegrator

joomla

remote attackers

arbitrary files

nvd

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.4%

JSON

Multiple directory traversal vulnerabilities in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) file parameter to libraries/jquery/js/ui/jsloader.php and the (2) files[] parameter to libraries/jquery/js/jsloader.php, a different vector than CVE-2010-0759. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

NVD

Node

greatjoomlascriptegrator_pluginMatch1.4.1

AND

joomlajoomla\!

CPENameOperatorVersion
greatjoomla:scriptegrator_plugingreatjoomla scriptegrator plugineq1.4.1

CPE	Name	Operator	Version
greatjoomla:scriptegrator_plugin	greatjoomla scriptegrator plugin	eq	1.4.1

References

secunia.com/advisories/38637

www.osvdb.org/62484

www.osvdb.org/62485

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.4%

JSON

Related for CVE-2010-0760

prion2 nvd2 cve1 cvelist2 nessus1 nuclei1