CVE-2010-1306
NUCLEIPicasa 2.0-2.0.5 - Path Traversal
Title source: llmDescription
Directory traversal vulnerability in the Picasa (com_joomlapicasa2) component 2.0 and 2.0.5 for Joomla! allows remote attackers to read arbitrary local files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Vrs-hCk · textwebappsphp
https://www.exploit-db.com/exploits/12058
Nuclei Templates (1)
Joomla! Component Picasa 2.0 - Local File Inclusion
HIGHby daffainfo
References (5)
Scores
EPSS
0.0431
EPSS Percentile
88.9%
Details
CWE
CWE-22
Status
published
Products (6)
roberto_aloi/com_joomlapicasa2
2.0.0
roberto_aloi/com_joomlapicasa2
2.0.1
roberto_aloi/com_joomlapicasa2
2.0.2
roberto_aloi/com_joomlapicasa2
2.0.3
roberto_aloi/com_joomlapicasa2
2.0.4
roberto_aloi/com_joomlapicasa2
2.0.5
Published
Apr 08, 2010
Tracked Since
Feb 18, 2026