CVE-2008-1849

Directory traversal vulnerability in index.php in the joomlaXplorer (com_joomlaxplorer) Mambo/Joomla! component 1.6.2 and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in the dir parameter in a show_error action.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:joomlacode:joomlaexplorer:*:*:*:*:*:*:*:*
OR cpe:2.3:a:joomla:joomla:*:*:*:*:*:*:*:*
cpe:2.3:a:mambo:mambo:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2008-04-16 17:05

Updated : 2024-02-04 17:33


NVD link : CVE-2008-1849

Mitre link : CVE-2008-1849

CVE.ORG link : CVE-2008-1849


JSON object : View

Products Affected

joomlacode

  • joomlaexplorer

joomla

  • joomla

mambo

  • mambo
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')