CVE-2011-4804

EPSS 10.12% · P93 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2011-4804

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Directory traversal vulnerability in the obSuggest (com_obsuggest) component before 1.8 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Joomla! obSuggest组件目录遍历漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Joomla!是美国Open Source Matters团队的一套使用PHP和MySQL开发的开源、跨平台的内容管理系统(CMS)。 Joomla!的obSuggest (com_obsuggest)组件1.8之前版本中存在目录遍历漏洞。远程攻击者可借助controller参数中的..（点点）读取任意文件。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2011-4804

#	POC Description	Source Link	Shenlong Link
1	A directory traversal vulnerability in the obSuggest (com_obsuggest) component before 1.8 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.	https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2011/CVE-2011-4804.yaml	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2011-4804

请登录查看更多情报信息。

http://foobla.com/news/latest/obsuggest-1.8-security-release.htmlx_refsource_CONFIRM
http://www.securityfocus.com/bid/48944vdb-entryx_refsource_BID
http://secunia.com/advisories/46844third-party-advisoryx_refsource_SECUNIA
https://nvd.nist.gov/vuln/detail/CVE-2011-4804

Same Patch Batch · n/a · 2011-12-14 · 37 CVEs total

CVE-2011-4806		phpAlbum ‘main.php’ 跨站脚本漏洞
CVE-2011-3411		Microsoft Publisher无效指针远程代码执行漏洞
CVE-2011-3412		Microsoft Publisher代码注入漏洞
CVE-2011-3413		Microsoft 任意代码执行漏洞
CVE-2011-4800		Serv-U FTP Server目录遍历漏洞
CVE-2011-4801		ASAS ‘akeyActivationLogin.do’ SQL注入漏洞
CVE-2011-4802		Dolibarr 多个SQL注入漏洞
CVE-2011-4803		WordPress WPTouch插件SQL注入漏洞
CVE-2011-4805		SAP Crystal Report Server 2008 ‘pubDBLogon.jsp’跨站脚本漏洞
CVE-2011-3410		Microsoft Publisher越界数组索引远程代码执行漏洞
CVE-2011-4807		phpAlbum ‘main.php’目录遍历漏洞
CVE-2011-4808		Joomla! HM Community组件SQL注入漏洞
CVE-2011-4809		Joomla! HM Community组件多个跨站脚本漏洞
CVE-2011-4810		WHMCompleteSolution目录遍历漏洞
CVE-2011-4811		BestShopPro ‘pokaz_podkat.php’ SQL注入漏洞
CVE-2011-4812		BestShopPro ‘nowosci.php’跨站脚本漏洞
CVE-2011-4813		WHMCompleteSolution ‘clientarea.php’目录遍历漏洞
CVE-2011-4814		Dolibarr跨站脚本攻漏洞
CVE-2011-2019		Microsoft Windows不可信搜索路径漏洞
CVE-2011-2741		AAOP 权限许可和访问控制漏洞

Showing top 20 of 37 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2011-4804

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2011-4804

I. Basic Information for CVE-2011-4804

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2011-4804

III. Intelligence Information for CVE-2011-4804

Same Patch Batch · n/a · 2011-12-14 · 37 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2011-4804

Leave a comment