Description
Directory traversal vulnerability in the ccNewsletter (com_ccnewsletter) component 1.0.5 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a ccnewsletter action to index.php.
CVSS breakdown
CVSS 3.1
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Changed
- Confidentiality: Low
- Integrity: None
- Availability: None
Affected products
- chillcreations / com_ccnewsletter 1.0.5 – 1.0.5
Exploits & PoCs
- nuclei: Joomla! Component CCNewsLetter - Local File Inclusion, by daffainfo
References
- MISC: http://www.chillcreations.com/en/blog/ccnewsletter-joomla-newsletter/ccnewsletter-106-security-release.html
- MISC: https://exchange.xforce.ibmcloud.com/vulnerabilities/55953
- EXPLOIT: http://www.exploit-db.com/exploits/11282
- EXPLOIT: http://www.exploit-db.com/exploits/11277
- VENDOR_ADVISORY: http://secunia.com/advisories/38378
- MISC: http://www.securityfocus.com/bid/37987