CVE-2010-1217

EPSS 1.90% · P83 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2010-1217

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Directory traversal vulnerability in the JE Form Creator (com_jeformcr) component for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via directory traversal sequences in the view parameter to index.php. NOTE: the original researcher states that the affected product is JE Tooltip, not Form Creator; however, the exploit URL suggests that Form Creator is affected.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

JE Form Creator组件目录遍历漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Joomla!是一款开放源码的内容管理系统（CMS）。 Joomla!的JE Form Creator（com_jeformcr）组件存在目录遍历漏洞。当停用magic_quotes_gpc时，远程攻击者可以通过index.php的view参数中的目录遍历序列读取任意文件。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2010-1217

#	POC Description	Source Link	Shenlong Link
1	A directory traversal vulnerability in the JE Form Creator (com_jeformcr) component for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via directory traversal sequences in the view parameter to index.php. NOTE -- the original researcher states that the affected product is JE Tooltip, not Form Creator; however, the exploit URL suggests that Form Creator is affected.	https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2010/CVE-2010-1217.yaml	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2010-1217

请登录查看更多情报信息。

http://www.packetstormsecurity.org/1003-exploits/joomlajetooltip-lfi.txtx_refsource_MISC
http://osvdb.org/63120vdb-entryx_refsource_OSVDB
http://www.securityfocus.com/bid/38866vdb-entryx_refsource_BID
http://secunia.com/advisories/39063third-party-advisoryx_refsource_SECUNIA
http://www.exploit-db.com/exploits/11814exploitx_refsource_EXPLOIT-DB
https://nvd.nist.gov/vuln/detail/CVE-2010-1217

Same Patch Batch · n/a · 2010-03-30 · 49 CVEs total

CVE-2010-0522		Apple Mac OS X Server Admin 共享连接权限许可和访问控制漏洞
CVE-2010-0525		Apple Mac OS X Mail 逻辑错误漏洞
CVE-2010-0534		Apple Mac OS X Wiki Server权限许可和访问控制漏洞
CVE-2010-0056		Apple Mac OS AppKit Cocoa拼写检查缓冲区溢出
CVE-2010-0057		Apple Mac OS AFP Server 权限许可和访问控制漏洞
CVE-2010-0058		Apple Mac OS ClamAV freshclam设计错误漏洞
CVE-2010-0059		Apple Mac OS CoreAudio缓冲区溢出漏洞
CVE-2010-0533		Apple Mac OS X AFP共享的路径目录遍历漏洞
CVE-2009-2801		Apple Mac OS 应用防火墙权限许可和访问控制漏洞
CVE-2010-0523		Apple Mac OS X Wiki Server敏感信息泄露漏洞
CVE-2010-0524		Apple Mac OS X FreeRADIUS权限许可和访问控制漏洞
CVE-2010-0521		Apple Mac OS X Server Admin权限许可和访问控制漏洞
CVE-2010-0520		Apple Mac OS X QuickTime FLC堆缓冲区溢出漏洞
CVE-2010-0519		Apple Mac OS X QuickTime FlashPix整数溢出漏洞
CVE-2010-0518		Apple Mac OS X QuickTime Sorenson内存破坏漏洞
CVE-2010-0517		Apple Mac OS X QuickTime M-JPEG堆缓冲区溢出漏洞
CVE-2010-0516		Apple Mac OS X QuickTime RLE堆缓冲区溢出漏洞
CVE-2010-0515		Apple Mac OS X QuickTime H.264缓冲区溢出漏洞
CVE-2010-0514		Apple Mac OS X QuickTime H.261堆溢出漏洞
CVE-2010-0513		Apple Mac OS X PS Normalizer PostScript栈溢出漏洞

Showing top 20 of 49 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2010-1217

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2010-1217

I. Basic Information for CVE-2010-1217

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2010-1217

III. Intelligence Information for CVE-2010-1217

Same Patch Batch · n/a · 2010-03-30 · 49 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2010-1217

Leave a comment