CVE-2010-1979

2010-05-1920:00:01

CWE-22

mitre

web.nvd.nist.gov

cve

2010

1979

directory traversal

vulnerability

joomla

component

nvd

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

5.6

Confidence

High

EPSS

0.008

Percentile

82.0%

JSON

Directory traversal vulnerability in the Affiliate Datafeeds (com_datafeeds) component build 880 for Joomla! allows remote attackers to read arbitrary files via a … (dot dot) in the controller parameter to index.php.

Affected configurations

Nvd

Node

affiliatefeedscom_datafeedsMatchbuild_880

AND

joomlajoomla\!

VendorProductVersionCPE
affiliatefeedscom_datafeedsbuild_880cpe:2.3:a:affiliatefeeds:com_datafeeds:build_880:*:*:*:*:*:*:*
joomlajoomla\!*cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
affiliatefeeds	com_datafeeds	build_880	cpe:2.3:a:affiliatefeeds:com_datafeeds:build_880:::::::*
joomla	joomla\!	*	cpe:2.3:a:joomla:joomla\!::::::::