CVE-2010-1531

NUCLEI

Joomla! com_redshop 1.0.x - Path Traversal

Title source: llm

Description

Directory traversal vulnerability in the redSHOP (com_redshop) component 1.0.x for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.

Exploits (1)

exploitdb WORKING POC VERIFIED

by NoGe · textwebappsphp

https://www.exploit-db.com/exploits/12054

View Code ZIP pw:eip

Nuclei Templates (1)

Joomla! Component redSHOP 1.0 - Local File Inclusion

HIGHby daffainfo

References (7)

[Exploit] http://packetstormsecurity.org/1004-exploits/joomlaredshop-lfi.txt

[Various Sources] http://redcomponent.com/redshop/redshop-changelog

[Vendor Advisory] http://secunia.com/advisories/39343

[Exploit] http://www.exploit-db.com/exploits/12054

[Third Party Advisory, VDB Entry] http://www.osvdb.org/63535

[Exploit] http://www.securityfocus.com/bid/39206

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/57512

Scores

EPSS 0.0319

EPSS Percentile 86.8%

Classification

CWE

CWE-22

Status draft

Affected Products (13)

redcomponent/com_redshop

Timeline

Published Apr 26, 2010

Tracked Since Feb 18, 2026