header-logo
Suggest Exploit
vendor:
com_dailymeals
by:
FL0RiX
8,8
CVSS
HIGH
Local File Inclusion (LFI)
22
CWE
Product Name: com_dailymeals
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

Joomla Component com_dailymeals

A vulnerability in the Joomla component com_dailymeals allows an attacker to perform a Local File Inclusion (LFI) attack. This vulnerability is caused by insufficient sanitization of user-supplied input in the 'controller' parameter of the 'index.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing directory traversal characters (e.g. '../') to the vulnerable server. This will allow the attacker to include and execute arbitrary local files on the server.

Mitigation:

The vendor has released a patch to address this vulnerability. It is recommended to apply the patch as soon as possible.
Source

Exploit-DB raw data:

@~~=======================================~~@

@~~=Script   : Joomla Component com_dailymeals

@~~=Author   : FL0RiX

@~~=Greez : Deep-Power ,Pyske,Wretch-x & All Friends

@~~=Home : www.oltan.org

@~~=Bug Type : Local File Inlusion(LFI)

@~~=Dork : inurl:"com_dailymeals"

@~~=Note : Finished My Life :( ..!!..!!
@~~=======================================~~@

@~~=Vuln

http://server/ [Yol] /index.php?option=com_dailymeals&view=dailymeals&controller=[-LFI-]

Navigation

Suggest Exploit

Services By CQR