.. / CVE-2010-2680

Exploit for Joomla! Component jesectionfinder - Local File Inclusion (CVE-2010-2680)

Description:

A directory traversal vulnerability in the JExtensions JE Section/Property Finder (jesectionfinder) component for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the view parameter to index.php.

Nuclei Template

View the template here CVE-2010-2680.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2010/CVE-2010-2680.yaml

References:

https://www.exploit-db.com/exploits/14064
https://exchange.xforce.ibmcloud.com/vulnerabilities/59796
http://packetstormsecurity.org/1006-exploits/joomlajesectionfinder-lfi.txt
https://nvd.nist.gov/vuln/detail/CVE-2010-2680
https://github.com/ARPSyndicate/kenzer-templates

.. / CVE-2010-2680 if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }

Exploit for Joomla! Component jesectionfinder - Local File Inclusion (CVE-2010-2680)

Description:

Nuclei Template

Validate with Nuclei

.. / CVE-2010-2680