CVE-2010-4270

Basic Information

CVE State

PUBLISHED

Reserved Date

November 16, 2010

Published Date

November 16, 2010

Last Updated

September 16, 2024

Vendor

nBill

Product

nBill

Description

Directory traversal vulnerability in the nBill (com_netinvoice) component before 2.0.9 standard edition, 2.0.10 lite edition, and 1.2_10 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in unspecified vectors related to (1) administrator/components/com_nbill/admin.nbill.php, (2) components/com_nbill/nbill.php, (3) administrator/components/com_netinvoice/admin.netinvoice.php, or (4) components/com_netinvoice/netinvoice.php, as exploited in the wild in November 2010.

Tags

joomla php dotnet

CVSS Scores

Exploit Status

Exploited in the Wild

Yes (2010-11-16 23:00:00 UTC) Source