CVE-2010-0696

NONE EPSS 97.9%
Published Feb 23, 201016y ago · Modified Jun 16, 20262w ago
Find Similar
Published Feb 23, 2010 16y ago
Last Modified Jun 16, 2026 2w ago

Description

Directory traversal vulnerability in includes/download.php in the JoomlaWorks AllVideos (Jw_allVideos) plugin 3.0 through 3.2 for Joomla! allows remote attackers to read arbitrary files via a ./../.../ (modified dot dot) in the file parameter.

Threat Intelligence

EPSS Exploit Probability
97.9% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available

Weaknesses 1

CWE-22 Path Traversal Resource Mgmt

Affected Products 4

VendorProductVersionRange
joomlaworksjw_allvideos3.0any
joomlaworksjw_allvideos3.1any
joomlaworksjw_allvideos3.2any
joomlajoomla*any

References 5

Remediation

  • joomlaworks.gr http://www.joomlaworks.gr/content/view/77/34/
    PatchVendor Advisory