CVE-2010-1653
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2010-1653
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Directory traversal vulnerability in graphics.php in the Graphics (com_graphics) component 1.0.6 and 1.5.0 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Htmlcoderhelper Graphics 'graphics.php' 目录遍历漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Joomla!是一款开放源码的内容管理系统(CMS)。 Joomla!的Graphics (com_graphics)组件中的脚本graphics.php存在目录遍历漏洞,远程攻击者可通过index.php控件参数的".."符包含和执行任意本地文件。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2010-1653
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | A directory traversal vulnerability in graphics.php in the Graphics (com_graphics) component 1.0.6 and 1.5.0 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2010/CVE-2010-1653.yaml | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2010-1653
请登录查看更多情报信息。
- Joomla! Component Graphics 1.0.6 - Local File Inclusion - PHP webapps Exploitexploitx_refsource_EXPLOIT-DB
- https://nvd.nist.gov/vuln/detail/CVE-2010-1653
Same Patch Batch · n/a · 2010-04-30 · 16 CVEs total
| CVE-2010-1650 | IBM WebSphere Application Server 加密问题漏洞 | |
| CVE-2010-1651 | IBM WebSphere Application Server 加密问题 | |
| CVE-2010-1652 | Help Center Live 'file' 参数目录遍历漏洞 | |
| CVE-2010-1654 | Infocus Real Estate Script 'system_member_login.php' 多个SQL注入漏洞 | |
| CVE-2010-1655 | PowerEasy和PowerEasy SiteWeaver 'User/User_ChkLogin.asp'跨站脚本攻击漏洞 | |
| CVE-2010-1656 | Airiny ABC SQL注入漏洞 | |
| CVE-2010-1657 | Recly SmartSite目录遍历漏洞 | |
| CVE-2010-1658 | Code-Garage NoticeBoard目录遍历漏洞 | |
| CVE-2010-1659 | Webkul Ultimate Portfolio目录遍历漏洞 | |
| CVE-2010-1660 | CLScript Classifieds Script 'help-details.php' SQL注入漏洞 | |
| CVE-2010-1661 | Jcink PHP-Quick-Arcade 多个SQL注入漏洞 | |
| CVE-2010-1662 | Jcink PHP-Quick-Arcade 'acpmoderate.php'多个跨站脚本攻击漏洞 | |
| CVE-2010-1663 | Google Chrome 'Google URL'解析库未明漏洞 | |
| CVE-2010-1664 | Google Chrome HTML5格式媒体处理缓冲区溢出 | |
| CVE-2010-1665 | Google Chrome 字体处理缓冲区溢出漏洞 |
IV. Related Vulnerabilities
V. Comments for CVE-2010-1653
No comments yet