Directory traversal

2010-03-0220:30:00

PRIOn knowledge base

www.prio-n.com

6.9 Medium

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.4%

JSON

Directory traversal vulnerability in the AutartiTarot (com_autartitarot) component 1.0.3 for Joomla! allows remote authenticated users, with “Public Back-end” group permissions, to read arbitrary files via directory traversal sequences in the controller parameter in an edit task to administrator/index.php. NOTE: some of these details are obtained from third party information.

CPENameOperatorVersion
com_autartitaroteq1.0.3

CPE	Name	Operator	Version
	com_autartitarot	eq	1.0.3

References

osvdb.org/62041

packetstormsecurity.org/1001-exploits/joomlaautartitarot-traversal.txt

secunia.com/advisories/38434

www.securityfocus.com/bid/38034