SECUNIA ADVISORY ID:
SA45570
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/45570/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=45570
RELEASE DATE:
2011-08-13
DESCRIPTION:
A vulnerability has been reported in the VPortfolio component for
Joomla!, which can be exploited by malicious users to disclose
sensitive information.
Certain unspecified input is not properly verified before being used.
This can be exploited to disclose the contents of arbitrary files from
local resources via directory traversal sequences.
The vulnerability is reported in versions prior to 1.2.
SOLUTION:
Update to version 1.2.
PROVIDED AND/OR DISCOVERED BY:
Reported by the Joomla! VEL team.
ORIGINAL ADVISORY:
VPortfolio:
http://vsmart-extensions.com/index.php?option=com_content&view=article&id=61:vportfolio-security-release-statement&catid=35:joomla-extensions&Itemid=137
Joomla!:
http://docs.joomla.org/Vulnerable_Extensions_List#V-portfolio