CVE-2009-3318

Name of the Vulnerable Software and Affected Versions Joomla! com album component version 1.14

Description A directory traversal issue allows remote attackers to access arbitrary directories and potentially have other unspecified impacts by using a .. (dot dot) in the target parameter to "index.php".

Recommendations For version 1.14, update to a newer version that contains a fix for this issue. As a temporary workaround, consider restricting access to the "index.php" endpoint to minimize the risk of exploitation. Avoid using the target parameter in the affected endpoint until the issue is resolved.