CVE-2010-1302 – Joomla! Component DW Graph - Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-1302
Directory traversal vulnerability in dwgraphs.php in the DecryptWeb DW Graphs (com_dwgraphs) component 1.0 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. Vulnerabilidad de salto de directorio en dwgraphs.php en el componente DecryptWeb DW Graphs v1.0 para Joomla!, permite a atacantes remotos leer archivos de su elección a través de secuencias de salto de directorio en el parámetro "controller" a index.php • https://www.exploit-db.com/exploits/11978 http://osvdb.org/63345 http://packetstormsecurity.org/1003-exploits/joomladwgraph-lfi.txt http://secunia.com/advisories/39200 http://www.exploit-db.com/exploits/11978 http://www.securityfocus.com/bid/39108 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •