CVE-2009-0113

Published: Jan 9, 2009Modified: Apr 23, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Directory traversal vulnerability in attachmentlibrary.php in the XStandard component for Joomla! 1.5.8 and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in the X_CMS_LIBRARY_PATH HTTP header.

Affected (1)

Products: Joomla: Xstandard

Joomla

1 product

Xstandard

Configuration A

1 vulnerable · 29 platform

Vulnerable Software	Affected Versions
Joomla Xstandard	All versions

Running on/with	Platform Versions
Joomla Joomla	Up to 1.5.8
Joomla Joomla	Version 1.0.0
Joomla Joomla	Version 1.0.10
Joomla Joomla	Version 1.0.11
Joomla Joomla	Version 1.0.12
Joomla Joomla	Version 1.0.13
Joomla Joomla	Version 1.0.14
Joomla Joomla	Version 1.0.1
Joomla Joomla	Version 1.0.2
Joomla Joomla	Version 1.0.3
Joomla Joomla	Version 1.0.4
Joomla Joomla	Version 1.0.5
Joomla Joomla	Version 1.0.6
Joomla Joomla	Version 1.0.7
Joomla Joomla	Version 1.0.8
Joomla Joomla	Version 1.0.9
Joomla Joomla	Version 1.03
Joomla Joomla	Version 1.0
Joomla Joomla	Version 1.5.0 beta1
Joomla Joomla	Version 1.5.0 beta2
Joomla Joomla	Version 1.5.0 beta
Joomla Joomla	Version 1.5.0 rc1
Joomla Joomla	Version 1.5.1
Joomla Joomla	Version 1.5.2
Joomla Joomla	Version 1.5.3
Joomla Joomla	Version 1.5.4
Joomla Joomla	Version 1.5.5
Joomla Joomla	Version 1.5.6
Joomla Joomla	Version 1.5