CVE-2008-4764 Scanner
Detects 'Directory Traversal' vulnerability in eXtplorer component for Joomla! affects v. 2.0.0 RC2 and earlier.
Short Info
Level
Medium
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 sec
Time Interval
744 sec
Scan only one
Url
Toolbox
-
The eXtplorer module (com_extplorer) is a popular file manager used in Joomla! CMS, which allows site administrators to handle their website files through an intuitive interface. With its user-friendly file browser, eXtplorer made it easy for users to upload, manage and share their site's files. The module has been in use for a long time and has become a go-to solution for many Joomla! users.
However, in 2008, a serious vulnerability was discovered in eXtplorer that was designated as CVE-2008-4764. The vulnerability involves a directory traversal flaw that allows remote attackers to read arbitrary files by injecting ".." (dot dot) in the dir parameter in a show_error action. This vulnerability was present in eXtplorer 2.0.0 RC2 and earlier versions, and it made users' websites vulnerable to security breaches.
When exploiting this vulnerability, an attacker could easily access unauthorized data, including sensitive information such as login credentials, financial records, and personal user data. The severity of the vulnerability was heightened since arbitrary code execution was possible, potentially allowing the attacker to take full control of the website and compromising the trust of website users.
At s4e.io, we offer pro features that enable website administrators to quickly learn about vulnerabilities in their digital assets. Subscribing to our service provides timely security alerts that can help thwart attacks before they occur. We pride ourselves on our ability to stay up-to-date on the latest threats and security vulnerabilities, and we use this knowledge to help our subscribers stay one step ahead of attackers. Protect your Joomla! website today with s4e.io.
REFERENCES