CVE-2009-0113

Joomla XStandard - Directory Traversal via X_CMS_LIBRARY_PATH HTTP Header


Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-0113. PoCs published by irk4z.

AI-analyzed exploit summary: This exploit leverages a directory traversal vulnerability in Joomla's xstandard editor plugin to list files and directories. It sends a crafted HTTP request with a manipulated 'X_CMS_LIBRARY_PATH' header to traverse directories and retrieve file listings.

Description

Directory traversal vulnerability in attachmentlibrary.php in the XStandard component for Joomla! 1.5.8 and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in the X_CMS_LIBRARY_PATH HTTP header.

Exploits (1)

exploitdb · WORKING POC · VERIFIED
by irk4z · php · webapps · php
https://www.exploit-db.com/exploits/7691


Classification
Working PoC 95%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: Joomla <= 1.5.8 with xstandard editor plugin
No auth needed
Prerequisites: Target must have Joomla <= 1.5.8 with xstandard editor plugin installed · Target must be accessible via HTTP
devstral-2 · analyzed Feb 16, 2026

References (4)

Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/33143
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/4896
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/7691
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/33377

Scores

EPSS 0.0658
EPSS Percentile 93.0%

Details

CWE: CWE-22
Status: published
Products (1): joomla/xstandard
Published: Jan 09, 2009
Tracked Since: Feb 18, 2026