Directory traversal vulnerability in the Dione Form Wizard (aka FDione or com_dioneformwizard) component 1.0.2 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php.Referenceshttp://packetstormsecurity.org/1005-exploits/joomlafdione-lfi.txthttp://www.exploit-db.com/exploits/12595https://exchange.xforce.ibmcloud.com/vulnerabilities/58574http://www.securityfocus.com/bid/40166http://secunia.com/advisories/39755http://osvdb.org/64633
