CVE-2010-4270

N/A

Directory traversal vulnerability in the nBill (com_netinvoice) component before 2.0.9 standard edition, 2.0.10 lite edition, and 1.2_10 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in unspecified vectors related to (1) administrator/components/com_nbill/admin.nbill.php, (2) components/com_nbill/nbill.php, (3) administrator/components/com_netinvoice/admin.netinvoice.php, or (4) components/com_netinvoice/netinvoice.php, as exploited in the wild in November 2010.

N/A

N/A

Netshinesoftware nBill组件目录遍历漏洞

Joomla!是美国Open Source Matters团队的一套使用PHP和MySQL开发的开源、跨平台的内容管理系统(CMS)。 基于Joomla!的nBill(com_netinvoice)组件2.0.9标准版本，2.0.10简化版本，以及1.2_10的之前版本中存在目录遍历漏洞。远程攻击者可以借助和(1)administrator/components/com_nbill/admin.nbill.php文件，(2)components/com_nbill/nbill.php文件，(3)admin

N/A

N/A