CVE-2010-0801

AutartiTarot (com_autartitarot) 1.0.3 - Path Traversal

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-0801. PoCs published by B-HUNT3|2.

AI-analyzed exploit summary The exploit describes a directory traversal vulnerability in the AutartiTarot component for Joomla! due to insufficient input sanitization. It allows an attacker to access sensitive files by manipulating the 'controller' parameter, but requires 'Public Back-end' group credentials.

Description

Directory traversal vulnerability in the AutartiTarot (com_autartitarot) component 1.0.3 for Joomla! allows remote authenticated users, with "Public Back-end" group permissions, to read arbitrary files via directory traversal sequences in the controller parameter in an edit task to administrator/index.php. NOTE: some of these details are obtained from third party information.

Exploits (1)

exploitdb WRITEUP VERIFIED
by B-HUNT3|2 · textwebappsphp
https://www.exploit-db.com/exploits/33590

The exploit describes a directory traversal vulnerability in the AutartiTarot component for Joomla! due to insufficient input sanitization. It allows an attacker to access sensitive files by manipulating the 'controller' parameter, but requires 'Public Back-end' group credentials.

Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Joomla! with AutartiTarot component
Auth required
Prerequisites: Valid 'Public Back-end' group credentials · AutartiTarot component installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/38034
Exploit vdb-entry x_refsource_osvdb
http://osvdb.org/62041
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/38434

Scores

EPSS 0.0188
EPSS Percentile 76.7%

Details

CWE
CWE-22
Status published
Products (1)
autartica/com_autartitarot 1.0.3
Published Mar 02, 2010
Tracked Since Feb 18, 2026