2 matches found
Joomla! <=2.0.0 RC2 - Local File Inclusion
Joomla! 2.0.0 RC2 and earlier are susceptible to local file inclusion in the eXtplorer module comextplorer that allows remote attackers to read arbitrary files via a .. dot dot in the dir parameter in a showerror action. id: CVE-2008-4764 info: name: Joomla! =2.0.0 RC2 - Local File Inclusion...
CVE-2008-4764
The connected template confirms CVE-2008-4764 affects Joomla! ≤2.0.0 RC2 via the eXtplorer (com_extplorer) module, enabling Local File Inclusion by passing a “..” in the dir parameter of show_error. Impact is the reading of arbitrary server files. Root cause: directory traversal in show_error act...