Joomla Component DW Graph Local File Inclusion

vendor:

DW Graph Component

by:

Chip D3 Bi0s

N/A

CVSS

N/A

Local File Inclusion

CWE

Product Name: DW Graph Component

Affected Version From: DW Graph Component 1.0

Affected Version To: DW Graph Component 1.0

Patch Exists: NO

Related CWE: N/A

CPE: a:decryptweb:dw_graph_component

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Joomla 1.5

2010

Joomla Component DW Graph Local File Inclusion

A vulnerability exists in the DW Graph Component for Joomla 1.5, which allows an attacker to include a local file via a specially crafted URL. The vulnerability is due to insufficient sanitization of user-supplied input to the 'controller' parameter in the 'dwgraphs.php' script. An attacker can exploit this vulnerability to include a local file from the web server and execute arbitrary code.

Mitigation:

Input validation should be used to ensure that user-supplied input is properly sanitized.

Source

Exploit-DB raw data:

---------------------------------------------------------------------------------
Joomla Component DW Graph Local File Inclusion
---------------------------------------------------------------------------------

Author		: Chip D3 Bi0s
Group		: LatinHackTeam
Email & msn	: chipdebios@gmail.com
Date		: 31 March 2010
Critical Lvl	: Moderate
Impact		: Exposure of sensitive information
Where		: From Remote
---------------------------------------------------------------------------

Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~~


Application	: DW Graph Component
Developer	: DecryptWeb
License		: GPL            type  : Commercial
Price		: $5.00 
Date Added	: 25 March 2010
Download	: http://shop.decryptweb.com/extensions/joomla/graph-component.html
my gift (free)	: http://rapidshare.com/files/370201416/dwgraphs_unzipfirst.zip.html


Description     :

DW Graph Component is a Joomla 1.5 native component
for displaying graphs. With this component you can
input numerical values with the help of CSV file and
can show graphical representation of the input data
in the site frontend. Various parameters can be configured
for display of graph.

---------------------------------------------------------------------------

file error	: /components/com_dwgraphs/dwgraphs.php

how to exploit

http://127.0.0.1/index.php?option=com_dwgraphs&controller={lfi}%00


+++++++++++++++++++++++++++++++++++++++
[!] Produced in South America
+++++++++++++++++++++++++++++++++++++++