CVE-2010-2045 – Joomla! Component FDione Form Wizard 1.0.2 - Local File Inclusion

https://notcve.org/view.php?id=CVE-2010-2045

25 May 2010 — Directory traversal vulnerability in the Dione Form Wizard (aka FDione or com_dioneformwizard) component 1.0.2 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. Vulnerabilidad de salto de directorio en el componente Dione Form Wizard (aka FDione or com_dioneformwizard) v1.0.2 de Joomla! permite a atacantes remotos leer ficheros de su elección mediante secuencias de salto de directorio en el parámetro "controller" sobre ind... • https://www.exploit-db.com/exploits/12595 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •