Threat Encyclopedia

Joomla!.Component.Jw.AllVideos.Arbitrary.File.Download

description-logoDescription

This indicates an attack attempt against an Arbitrary File Download vulnerability in Joomla! component JoomlaWorks AllVideos.
The vulnerability is due to insufficient sanitizing of user supplied inputs when handling a crafted HTTP request. An unauthenticated remote attacker can exploit this to download backup files that results in disclosure of information which could be used to further compromise the targeted system.

affected-products-logoAffected Products

Joomla! component JoomlaWorks AllVideos version 3.0 to version 3.2

Impact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

recomended-action-logoRecommended Actions

Applied patch or upgrade to the latest version from the vendor.
https://www.joomlaworks.net

CVE References

CVE-2010-0696

Other References

11447