VYPR
← All advisories
Unrated severityNVD Advisory· Published Mar 23, 2010· Updated Apr 29, 2026

CVE-2010-1056

CVE-2010-1056

Description

Directory traversal vulnerability in the RokDownloads (com_rokdownloads) component before 1.0.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.

Affected products

18
  • Rockettheme/Com Rokdownloads18 versions
    cpe:2.3:a:rockettheme:com_rokdownloads:*:*:*:*:*:*:*:*+ 17 more
    • cpe:2.3:a:rockettheme:com_rokdownloads:*:*:*:*:*:*:*:*range: <=1.0
    • cpe:2.3:a:rockettheme:com_rokdownloads:0.91:a:*:*:*:*:*:*
    • cpe:2.3:a:rockettheme:com_rokdownloads:0.92:a:*:*:*:*:*:*
    • cpe:2.3:a:rockettheme:com_rokdownloads:0.93:a:*:*:*:*:*:*
    • cpe:2.3:a:rockettheme:com_rokdownloads:0.94:a:*:*:*:*:*:*
    • cpe:2.3:a:rockettheme:com_rokdownloads:0.95:a:*:*:*:*:*:*
    • cpe:2.3:a:rockettheme:com_rokdownloads:0.96:a:*:*:*:*:*:*
    • cpe:2.3:a:rockettheme:com_rokdownloads:0.97:a:*:*:*:*:*:*
    • cpe:2.3:a:rockettheme:com_rokdownloads:0.98:a:*:*:*:*:*:*
    • cpe:2.3:a:rockettheme:com_rokdownloads:1.0:b1:*:*:*:*:*:*
    • cpe:2.3:a:rockettheme:com_rokdownloads:1.0:b2:*:*:*:*:*:*
    • cpe:2.3:a:rockettheme:com_rokdownloads:1.0:b3:*:*:*:*:*:*
    • cpe:2.3:a:rockettheme:com_rokdownloads:1.0:b4:*:*:*:*:*:*
    • cpe:2.3:a:rockettheme:com_rokdownloads:1.0:b5:*:*:*:*:*:*
    • cpe:2.3:a:rockettheme:com_rokdownloads:1.0:b6:*:*:*:*:*:*
    • cpe:2.3:a:rockettheme:com_rokdownloads:1.0:b7:*:*:*:*:*:*
    • cpe:2.3:a:rockettheme:com_rokdownloads:1.0:b8:*:*:*:*:*:*
    • cpe:2.3:a:rockettheme:com_rokdownloads:1.0:b9:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

7

News mentions

0

No linked articles in our index yet.