Exploitation Summary
EIP tracks 1 public exploit for CVE-2010-0760. PoCs published by S2 Crew.
AI-analyzed exploit summary This exploit demonstrates a local file inclusion vulnerability in the Core Design Scriptegrator plugin for Joomla! 1.5. The jsloader.php script includes files specified via the 'files' GET parameter without proper validation, allowing an attacker to read arbitrary files accessible to the web server user.
Description
Multiple directory traversal vulnerabilities in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) file parameter to libraries/jquery/js/ui/jsloader.php and the (2) files[] parameter to libraries/jquery/js/jsloader.php, a different vector than CVE-2010-0759. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Exploits (1)
This exploit demonstrates a local file inclusion vulnerability in the Core Design Scriptegrator plugin for Joomla! 1.5. The jsloader.php script includes files specified via the 'files' GET parameter without proper validation, allowing an attacker to read arbitrary files accessible to the web server user.