CVE-2009-3053

Severity CVSS v4.0:
Pending analysis
Type:
CWE-22 Path Traversal
Publication date:
03/09/2009
Last modified:
09/04/2025

Description

Directory traversal vulnerability in the Agora (com_agora) component 3.0.0b for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the action parameter to the avatars page, reachable through index.php.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:joomla:joomla:*:*:*:*:*:*:*:*
cpe:2.3:a:jvitals:com_agora:3.0.0b:*:*:*:*:*:*:*