Joomla.Tutorials GHDB: Apache directory listing Download Vulnerability

vendor:

Joomla com_intuit

by:

indoushka

N/A

CVSS

N/A

GHDB

Not available

CWE

Product Name: Joomla com_intuit

Affected Version From: /com_intuit

Affected Version To: /com_intuit (GET C=S;O=D)

Patch Exists: Not available

Related CWE: Not available

CPE: Not available

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)

Not available

Joomla.Tutorials GHDB: Apache directory listing Download Vulnerability

The description for this alert is contributed by the GHDB community, it may contain inappropriate language. This is a very basic string found on directory listing pages which show the version of the Apache web server. Hackers can use this information to find vulnerable targets without querying the servers. The Google Hacking Database (GHDB) appears courtesy of the Google Hacking community.

Mitigation:

Not available

Source

Exploit-DB raw data:

========================================================================================                  
| # Title    : Joomla.Tutorials GHDB: Apache directory listing Download Vulnerability  |
| # Author   : indoushka                                                               |
| # email    : indoushka@hotmail.com                                                   |
| # Home     : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -(00213771818860)       |
| # Web Site : www.iq-ty.com                                                           |
| # Published:                                                                         |
| # Script   : Joomla com_intuit                                                       |
| # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)       |
| # Bug      : GHDB                                                                    | 
======================      Exploit By indoushka       =================================
| # Exploit  : 
| 
| Vulnerability description:
| The description for this alert is contributed by the GHDB community, it may contain inappropriate language.
| 
| Category : Files containing juicy info
| 
| This is a very basic string found on directory listing pages which show the version of the Apache web server. 
| Hackers can use this information to find vulnerable targets without querying the servers.
| The Google Hacking Database (GHDB) appears courtesy of the Google Hacking community.
| Affected items:
| /com_intuit 
| /com_intuit (GET C=D;O=A) 
| /com_intuit (GET C=D;O=D) 
| /com_intuit (GET C=M;O=A) 
| /com_intuit (GET C=M;O=D) 
| /com_intuit (GET C=N;O=A) 
| /com_intuit (GET C=N;O=D) 
| /com_intuit (GET C=S;O=A) 
| /com_intuit (GET C=S;O=D) 
| The impact of this vulnerability:
| Not available. 
| How to fix this vulnerability:
| Not available.
================================   Dz-Ghost Team   ========================================
Greetz : all my friend * Dos-Dz * Snakespc * His0k4 * Hussin-X * Str0ke * Saoucha * Star08 |
Rafik (Tinjah.com) * Yashar (sc0rpion.ir) * Silitoad * redda * mourad (dgsn.dz) * 
-------------------------------------------------------------------------------------------