CVE-2008-6222 – Joomla! Component ProDesk 1.0/1.2 - Local File Inclusion

https://notcve.org/view.php?id=CVE-2008-6222

Directory traversal vulnerability in the Pro Desk Support Center (com_pro_desk) component 1.0 and 1.2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the include_file parameter to index.php. Vulnerabilidad de salto de directorio en el componente Pro Desk Support Center (com_pro_desk) v1.0 y v1.2 de Joomla! permite a atacantes remotos leer ficheros a su eleccion a traves de .. • https://www.exploit-db.com/exploits/6980 https://www.exploit-db.com/exploits/15460 http://secunia.com/advisories/32523 http://www.securityfocus.com/bid/32113 https://exchange.xforce.ibmcloud.com/vulnerabilities/46356 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •