CVE-2010-0759

EXPLOITED NUCLEI

Core Design Scriptegrator <1.4.1 - Path Traversal

Title source: llm

Description

Directory traversal vulnerability in plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allows remote attackers to read, and possibly include and execute, arbitrary files via directory traversal sequences in the files[] parameter, a different vector than CVE-2010-0760.

Exploits (1)

exploitdb WORKING POC VERIFIED

by S2 Crew · textwebappsphp

https://www.exploit-db.com/exploits/11498

View Code ZIP pw:eip

Nuclei Templates (1)

Joomla! Plugin Core Design Scriptegrator - Local File Inclusion

HIGHby daffainfo

References (6)

[Exploit] http://packetstormsecurity.org/1002-exploits/joomlascriptegrator-lfi.txt

[Vendor Advisory] http://secunia.com/advisories/38637

[Exploit] http://www.securityfocus.com/bid/38296

[Exploit, Third Party Advisory] http://www.exploit-db.com/exploits/11498

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/56380

[Third Party Advisory, VDB Entry] http://www.osvdb.org/62486

Scores

EPSS 0.0637

EPSS Percentile 91.0%

Details

VulnCheck KEV 2026-02-02

CWE

CWE-22

Status published

Products (1)

greatjoomla/scriptegrator_plugin 1.4.1

Published Feb 27, 2010

Tracked Since Feb 18, 2026