CVE-2010-2680

NUCLEI

Joomla! - Path Traversal

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-2680. PoCs published by Sid3^effects. A Nuclei detection template is also available.

AI-analyzed exploit summary This is a writeup describing a Local File Inclusion (LFI) vulnerability in the Joomla jesectionfinder component. It provides a demo URL and basic details but lacks actual exploit code or technical steps.

Description

Directory traversal vulnerability in the JExtensions JE Section/Property Finder (jesectionfinder) component for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the view parameter to index.php.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Sid3^effects · textwebappsphp
https://www.exploit-db.com/exploits/14064

This is a writeup describing a Local File Inclusion (LFI) vulnerability in the Joomla jesectionfinder component. It provides a demo URL and basic details but lacks actual exploit code or technical steps.

Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Theoretical
Target: Joomla jesectionfinder component
No auth needed
Prerequisites: Access to the vulnerable Joomla component
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Nuclei Templates (1)

Joomla! Component jesectionfinder - Local File Inclusion
MEDIUMby daffainfo

References (4)

Core 4
Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/41163
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/14064
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/59796

Scores

EPSS 0.0120
EPSS Percentile 79.4%

Details

CWE
CWE-22
Status published
Products (1)
harmistechnology/com_jesectionfinder
Published Jul 12, 2010
Tracked Since Feb 18, 2026