Joomla! Scriptegrator Plugin Multiple Local File Inclusion Vulnerabilities Network Vulnerability

Summary

This host is installed Joomla! with Scriptegrator plugin and is prone to multiple local file inclusion vulnerabilities.

Impact

Successful exploitation could allow attackers to perform directory traversal attacks and read arbitrary files on the affected application. Impact Level: Application

Solution

Upgrade to Joomla! Scriptegrator plugin Version 2.0.9 or later. For updates refer to http://www.greatjoomla.com/extensions/plugins/core-design-scriptegrator-plugin.html

Insight

The flaws are caused by improper validation of user-supplied input via the multiple parameter to multiple files, which allows attackers to read arbitrary files via a ../(dot dot) sequences.

Affected

Joomla! Scriptegrator plugin Version 1.5.5, Other versions may also be affected.

References

http://www.exploit-db.com/exploits/17394
http://www.greatjoomla.com/extensions/plugins/core-design-scriptegrator-plugin.html

Updated on 2015-03-25

Severity

Classification

CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

ArticleSetup Multiple Cross-Site Scripting and SQL Injection Vulnerabilities
Apache Struts ClassLoader Manipulation Vulnerabilities
A-Blog 'sources/search.php' SQL Injection Vulnerability
Adobe ColdFusion Authentication Bypass Vulnerability
Andy's PHP Knowledgebase 's' Parameter SQL Injection Vulnerability

Joomla! Scriptegrator plugin Multiple Local File Inclusion Vulnerabilities

Take action and discover your vulnerabilities