CVE-2010-2680
Description
Directory traversal vulnerability in the JExtensions JE Section/Property Finder (jesectionfinder) component for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the view parameter to index.php.
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
Exploits
Public proof-of-concept code below. AS-IS, for defenders and authorised testing only.
Exploit-DB
Joomla! Component jesectionfinder - Local File Inclusion
Name : Joomla jesectionfinder LFI Vulnerability
Date : june, 26 2010
Critical Level : HIGH
Vendor Url : http://joomlaextensions.co.in/component/awd_song/
Google Dork: inurl:/component/jesectionfinder/
Price:$25.00
Author : Sid3^effects aKa HaRi <shell_c99[at]yahoo.com>
special thanks to : r0073r (inj3ct0r.com),L0rd CruSad3r,MaYur,MA1201,KeDar,Sonic,gunslinger_
greetz to :www.topsecure.net ,All ICW members and my friends :) luv y0 guyz
#######################################################################################################
Description:
This component for web-based business that specialises in buying and selling sections nationwide. Our aim is easy to connect the seller of
land directly to the buyer, its simple.
Easy to handle that component functionallity.
User can add your section/property into particular listing option. Listing option manages from the backend. User selects his plan (Listing
option) and enters property detail (with images). After use see that preview and make it payment. If user makes it payment successfully
than it display automating otherwise his listing not published.
User searches property and contact seller for more detail.
#######################################################################################################
Xploit:jesectionfinder LFI
DEMO URL : http://server/propertyfinder/component/jesectionfinder/?view=[LFI]
###########################################################################Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| harmistechnology | com_jesectionfinder | | |
| joomla | joomla\! | | |
References
- http://packetstormsecurity.org/1006-exploits/joomlajesectionfinder-lfi.txt
- http://www.exploit-db.com/exploits/14064
- http://www.securityfocus.com/bid/41163
- https://exchange.xforce.ibmcloud.com/vulnerabilities/59796
- http://packetstormsecurity.org/1006-exploits/joomlajesectionfinder-lfi.txt
- http://www.exploit-db.com/exploits/14064
- http://www.securityfocus.com/bid/41163
- https://exchange.xforce.ibmcloud.com/vulnerabilities/59796
CWEs
CWE-22
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.