CVE-2010-2680 – Joomla! Component jesectionfinder - Local File Inclusion

https://notcve.org/view.php?id=CVE-2010-2680

Directory traversal vulnerability in the JExtensions JE Section/Property Finder (jesectionfinder) component for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the view parameter to index.php. Vulnerabilidad de salto de directorio de en el componente para Joomla! JExtensions JE Section/Property Finder (jesectionfinder) permite a atacantes remotos incluir y ejecutar archivos locales a través de secuencias de salto de directorio en el parámetro view a index.php. • https://www.exploit-db.com/exploits/14064 http://packetstormsecurity.org/1006-exploits/joomlajesectionfinder-lfi.txt http://www.exploit-db.com/exploits/14064 http://www.securityfocus.com/bid/41163 https://exchange.xforce.ibmcloud.com/vulnerabilities/59796 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •