Angela Zhang

**Name of the Vulnerable Software and Affected Versions** Joomla! component com vjdeo versions 1.0 through 1.0.1 **Description** A directory traversal issue exists, allowing remote attackers to read arbitrary files. This is achieved by using a .. (dot dot) in the `controller` parameter to "index.php". **Recommendations** For versions 1.0 and 1.0.1, consider restricting access to the "index.php" endpoint until a fix is available. As a temporary workaround, avoid using the `controller` parameter in the "index.php" endpoint to minimize the risk of exploitation.