CVE-2010-0801 Information

Description

Directory traversal vulnerability in the AutartiTarot (com_autartitarot) component 1.0.3 for Joomla! allows remote authenticated users with \Public Back-end\ group permissions to read arbitrary files via directory traversal sequences in the controller parameter in an edit task to administrator/index.php. NOTE: some of these details are obtained from third party information.

Reference

http://osvdb.org/62041 http://packetstormsecurity.org/1001-exploits/joomlaautartitarot-traversal.txt http://secunia.com/advisories/38434 http://www.securityfocus.com/bid/38034