Joomla Component Restaurante

vendor:

by:

Cold z3ro

N/A

CVSS

N/A

Remote File Upload

CWE

Product Name: Joomla Component Restaurante

Affected Version From:

Affected Version To:

Patch Exists: NO

Related CWE:

CPE:

Metasploit:

Other Scripts:

Platforms Tested:

2007

Joomla Component Restaurante <= Remote File Upload Vulnerability

Attacker can upload any file using the link joomla/index.php?option=com_restaurante&task=upload. After uploading the file, the attacker can find it in /components/com_restaurante/img_original directory. The attacker should add (.) before the filename. Example: if the attacker uploaded a file named shell.php.jpg, its name will be like .shell.php.jpg in the path /components/com_restaurante/img_original/.shell.php.jpg.

Mitigation:

Unknown

Source

Exploit-DB raw data:

Joomla Component Restaurante <= Remote File Upload Vulnerability

found by  : Cold z3ro

Homepage : www.hackteach.org , www.xp10.com

================================================================

@################################################################@
# joomla/index.php?option=com_restaurante&task=upload
#
# /joomla/components/com_restaurante/img_original/.shell.php.jpg
#
# Dork : /index.php?option=com_restaurante
@################################################################@


Attacker can upload any file using this link

joomla/index.php?option=com_restaurante&task=upload

after upload the file , He can find it in :

/components/com_restaurante/img_original

But the attacker should add ( Point ) befor filename

Example :

if attacker uploaded file named shell.php.jpg

its name will by like this .shell.php.jpg

in path :

/components/com_restaurante/img_original/.shell.php.jpg

# milw0rm.com [2007-09-08]