VYPR
← All advisories
Unrated severityNVD Advisory· Published Nov 17, 2010· Updated Apr 29, 2026

CVE-2010-4270

CVE-2010-4270

Description

Directory traversal vulnerability in the nBill (com_netinvoice) component before 2.0.9 standard edition, 2.0.10 lite edition, and 1.2_10 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in unspecified vectors related to (1) administrator/components/com_nbill/admin.nbill.php, (2) components/com_nbill/nbill.php, (3) administrator/components/com_netinvoice/admin.netinvoice.php, or (4) components/com_netinvoice/netinvoice.php, as exploited in the wild in November 2010.

Affected products

3
  • Netshinesoftware/Com Netinvoice3 versions
    cpe:2.3:a:netshinesoftware:com_netinvoice:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:netshinesoftware:com_netinvoice:*:*:*:*:*:*:*:*range: <=1.2_10
    • cpe:2.3:a:netshinesoftware:com_netinvoice:*:*:std:*:*:*:*:*range: <=2.0.9
    • cpe:2.3:a:netshinesoftware:com_netinvoice:*:*:lite:*:*:*:*:*range: <=2.0.10

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

5

News mentions

0

No linked articles in our index yet.