[VIM] Joomla Component com_morfeoshow RFI Vulnerability
George A. Theall
theall at tenablesecurity.com
Wed Dec 30 02:29:46 UTC 2009
Exploit DB #10724 concerns a supposed file inclusion vulnerability in
the MorfeoShow component for Joomla. FloriX calls it a remote file
inclusion in the title but suggests it's a local file include in the
PoC. The PoC definitely won't work as the first executable line in
morfeoshow.html.php is:
defined( '_JEXEC' ) or die( 'Restricted access' );
meaning if you try the PoC in the advisory you'll see "Restricted
access" as the script fails right at the start.
Also, the file defines a class and doesn't otherwise offer a way
itself to access the member functions.
Finally, a quick egrep of the files included in the distribution file
associated with the Exploit DB advisory failed to turn up any calls
where an attacker could control arguments to an include / require /
include_once / require_once.
George
--
theall at tenablesecurity.com
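The two checks described in the message above (is the file's first executable statement the Joomla _JEXEC guard, and does any include/require take an argument an attacker could influence) can be scripted. The following is an added example, not part of George's message and not code from the MorfeoShow component; it builds a small constructed sample tree (the filenames, class name and contents are made up for the demonstration) and runs both checks over it. Any line it flags still needs manual review, since a variable in an include argument is only exploitable if its value is attacker-controlled.

```shell
#!/bin/sh
# Added example: a minimal audit of a Joomla-style component tree for
# (1) PHP files whose first executable statement is not the _JEXEC guard and
# (2) include/require calls whose argument contains a PHP variable.
# The sample tree below is constructed for this demo; it is not com_morfeoshow.

set -eu

WORK="${TMPDIR:-/tmp}/jaudit.$$"
trap 'rm -rf "$WORK"' EXIT

make_sample_tree() {
    # Constructed sample: one guarded file with a constant include path,
    # one unguarded file with an attacker-controlled include, one helper.
    mkdir -p "$WORK/com_sample"
    cat > "$WORK/com_sample/sample.html.php" <<'EOF'
<?php
/**
 * Constructed sample: guarded file, only constant include paths.
 */
defined( '_JEXEC' ) or die( 'Restricted access' );

class HTML_sample {
    function show() {
        include_once( JPATH_COMPONENT . DS . 'helper.php' );
    }
}
EOF
    cat > "$WORK/com_sample/unguarded.php" <<'EOF'
<?php
// Constructed sample: no _JEXEC guard and an attacker-controlled include.
$page = $_GET['page'];
require_once( $page . '.php' );
EOF
    cat > "$WORK/com_sample/helper.php" <<'EOF'
<?php
defined('_JEXEC') or die('Restricted access');
function helper() { return 1; }
EOF
}

first_statement() {
    # Prints the first line that is not blank, not the <?php tag and not a
    # // or # or /* ... */ comment, i.e. the first executable statement.
    awk '
        /^[ \t]*$/            { next }
        /^[ \t]*<[?]php/      { next }
        /^[ \t]*(\/\/|#)/     { next }
        /^[ \t]*\/\*/         { incomment = 1 }
        incomment             { if ($0 ~ /\*\//) incomment = 0; next }
        { print; exit }
    ' "$1"
}

unguarded_files() {
    # Lists PHP files under $1 whose first executable statement is not a
    # defined('_JEXEC') guard; such files run when requested directly.
    find "$1" -name '*.php' | sort | while read -r f; do
        case "$(first_statement "$f")" in
            *defined*_JEXEC*) ;;
            *) echo "$f" ;;
        esac
    done
}

variable_includes() {
    # Lists include/require/include_once/require_once statements whose
    # argument contains a $variable.  Crude on purpose: every hit is a
    # candidate for manual review, not a confirmed LFI/RFI.
    grep -rEn '(include|require)(_once)?[[:space:]]*\(?[^;]*\$' "$1" || true
}

run_audit() {
    make_sample_tree
    echo "== files whose first statement is not the _JEXEC guard =="
    unguarded_files "$WORK/com_sample"
    echo "== include/require calls with a variable in the argument =="
    variable_includes "$WORK/com_sample"
}

run_audit
```

On the constructed tree only unguarded.php is reported by both checks; the guarded file's constant include path is not flagged. Against a real component, point the two functions at the unpacked distribution directory instead of the sample tree.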