CVE-2010-2035

Name of the Vulnerable Software and Affected Versions Joomla! Percha Gallery component version 1.6 Beta

Description The issue allows remote attackers to read arbitrary files and possibly have other impacts by exploiting a directory traversal vulnerability in the Percha Gallery component for Joomla!. This is achieved by using a .. (dot dot) in the controller parameter to index.php.

Recommendations For Joomla! Percha Gallery component version 1.6 Beta, consider restricting access to the index.php endpoint until a patch is available. As a temporary workaround, avoid using the controller parameter in the index.php endpoint to minimize the risk of exploitation.