CVE-2009-3053

NUCLEI

Jvitals Com Agora - Path Traversal

Title source: rule

Description

Directory traversal vulnerability in the Agora (com_agora) component 3.0.0b for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the action parameter to the avatars page, reachable through index.php.

Exploits (1)

exploitdb WRITEUP VERIFIED

by ByALBAYX · textwebappsphp

https://www.exploit-db.com/exploits/9564

View Code ZIP pw:eip

Nuclei Templates (1)

Joomla! Agora 3.0.0b - Local File Inclusion

MEDIUMby daffainfo

References (3)

[Exploit] http://www.securityfocus.com/bid/36207

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/52964

[Exploit, Third Party Advisory] http://www.exploit-db.com/exploits/9564

Scores

EPSS 0.0156

EPSS Percentile 81.5%

Details

CWE

CWE-22

Status published

Products (1)

jvitals/com_agora 3.0.0b

Published Sep 03, 2009

Tracked Since Feb 18, 2026