Joomla! Component Percha Gallery 1.6 Beta – ‘Controller’ Traversal Arbitrary File Access

• Exploit Database
• 12 阅读

• 作者： AntiSecurity
  日期： 2010-05-19
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/34006/

• source: https://www.securityfocus.com/bid/40244/info
   
  Multiple Percha components for Joomla are prone to multiple local file-include vulnerabilities because they fail to properly sanitize user-supplied input.
   
  An attacker can exploit these vulnerabilities to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible.
   
  The following Percha components are affected:
   
  com_perchaimageattach
  com_perchafieldsattach
  com_perchadownloadsattach
  com_perchagallery
  com_perchacategoriestree 
  
  http://www.example.com/index.php?option=com_perchagallery&controller=../../../../../../../../../../etc/passwd%00