Lucene search
HistoryMay 19, 2010 - 12:07 p.m.
CVE-2010-1955
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.6
Confidence
Low
EPSS
0.017
Percentile
87.7%
Directory traversal vulnerability in the Deluxe Blog Factory (com_blogfactory) component 1.1.2 for Joomla! allows remote attackers to read arbitrary files via a … (dot dot) in the controller parameter to index.php.
Affected configurations
Node
thefactorycom_blogfactoryMatch1.1.2
joomlajoomla\!
| Vendor | Product | Version | CPE |
|---|---|---|---|
| thefactory | com_blogfactory | 1.1.2 | cpe:2.3:a:thefactory:com_blogfactory:1.1.2:*:*:*:*:*:*:* |
| joomla | joomla\! | * | cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:* |
Related
exploitdb
exploitdb
Joomla! Component Deluxe Blog Factory 1.1.2 - Local File Inclusion
2010-04-14 00:00:00
cvelist
cvelist
CVE-2010-1955
2010-05-18 19:00:00
nuclei
nuclei
Joomla! Component Deluxe Blog Factory 1.1.2 - Local File Inclusion
2021-08-12 23:23:04
cve
cve
CVE-2010-1955
2010-05-19 12:07:52
dsquare
dsquare
Joomla Component com_blogfactory 1.1.2 LFI
2012-02-01 00:00:00
prion
prion
Directory traversal
2010-05-19 12:07:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.6
Confidence
Low
EPSS
0.017
Percentile
87.7%
Related for NVD:CVE-2010-1955