Directory Traversal Vulnerability in Pro Desk Support Center by Joomla!
CVE-2008-6222

Currently unrated

Key Information:

Vendor: Joomlashowroom
Status: Pro Desk Support Center
Vendor: CVE Published:; 20 February 2009

🔔 Create Joomlashowroom Vulnerability Alert

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 11%

What is CVE-2008-6222?

The Pro Desk Support Center component for Joomla! is vulnerable to a directory traversal attack. This vulnerability allows remote attackers to access arbitrary files on the server by exploiting a flaw in the handling of the 'include_file' parameter in index.php. By using '../' sequences, an attacker can traverse the directory structure and read sensitive files, potentially leading to further exploitation of the system.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2008-6222 - Proof of Concept

References

http://secunia.com/advisories/32523

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/46356

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/32113

vdb-entryx_refsource_BID

EPSS Score

11% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Feb 20, 2009
👾
Exploit known to exist
Feb 20, 2009
Vulnerability published
Feb 20, 2009
Vulnerability Reserved
Feb 20, 2009

CVE-2008-6222 Data

JSON