Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2008-6172 PoC — Weberr RWCards 'captcha_image.php'本地文件包含漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2008/CVE-2008-6172.yaml
Associated Vulnerability
Title:Weberr RWCards 'captcha_image.php'本地文件包含漏洞 (CVE-2008-6172)
Description:RWCards是Joomla!的电子卡片组件。 RWCards (com_rwcards) 3.0.11组件的captcha/captcha_image.php中存在目录遍历漏洞,当magic_quotes_gpc被中止时,远程攻击者可以借助img参数zhogn的目录遍历序列,包含和运行任意本地文件。
Description
A directory traversal vulnerability in captcha/captcha_image.php in the RWCards (com_rwcards) 3.0.11 component for Joomla! when magic_quotes_gpc is disabled allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the img parameter.
File Snapshot

 id: CVE-2008-6172

info:
  name: Joomla! Component RWCards 3.0.11 - Local File Inclusion
  author: d

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.