CVE-2010-0676
weberr com_rwcards 3.0.18 - Path Traversal via Controller Parameter
Title source: llmDescription
Directory traversal vulnerability in index.php in the RWCards (com_rwcards) component 3.0.18 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter.
References (3)
Core 3
Core References
Exploit x_refsource_misc
http://packetstormsecurity.org/1002-exploits/joomlarwcards-lfi.txt
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/38267
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/38638
Scores
EPSS
0.0157
EPSS Percentile
72.3%
Details
CWE
CWE-22
Status
published
Products (1)
weberr/com_rwcards
3.0.18
Published
Feb 22, 2010
Tracked Since
Feb 18, 2026