CVE-2010-1723

Name of the Vulnerable Software and Affected Versions Joomla! component com drawroot version 1.1

Description A directory traversal issue exists, allowing remote attackers to read arbitrary files and possibly have other unspecified impacts. This is achieved by using a .. (dot dot) in the controller parameter to "index.php".

Recommendations For version 1.1, consider disabling the com drawroot component until a patch is available to prevent exploitation. Restrict access to the "index.php" endpoint to minimize the risk of directory traversal attacks. Avoid using the controller parameter in the affected endpoint until the issue is resolved.