Vulnerability CVE-2010-2129

Vulnerability CVE-2010-2129

Published: 2010-06-01 Modified: 2012-02-13

Description:

	Topic	Author	Date
Med.	JE Ajax Event Calendar Local File Inclusion Vulnerability	Valentin	04.06.2010

Type:

(Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'))

CVSS Base Score	Impact Subscore	Exploitability Subscore
6.8/10	6.4/10	8.6/10

Affected software
Harmistechnology -> Com jeajaxeventcalendar

http://xforce.iss.net/xforce/xfdb/58602

http://www.xenuser.org/2010/05/14/joomla-component-je-ajax-event-calendar-local-file-inclusion-vulnerability/

http://www.securityfocus.com/bid/40179

http://www.osvdb.org/64704

http://www.exploit-db.com/exploits/12598

http://secunia.com/advisories/39836

http://packetstormsecurity.org/1005-exploits/joomlaajaxec-lfi.txt