Title:Joomla! Jtag Members Directory 安全漏洞 (CVE-2018-6008) Description:Joomla!是美国Open Source Matters团队开发的一套开源的内容管理系统(CMS),该系统提供RSS馈送、网站搜索等功能。Jtag Members Directory是使用在其中的一个会员管理插件。 Joomla! Jtag Members Directory 5.3.7版本中存在任意文件下载漏洞。攻击者可借助‘download_file’参数利用该漏洞下载任意文件。
Description
Joomla! Jtag Members Directory 5.3.7 is vulnerable to local file inclusion via the download_file parameter.
File Snapshot
id: CVE-2018-6008
info:
name: Joomla! Jtag Members Directory 5.3.7 - Local File Inclusion
autho
...
Shenlong Bot has cached this for you
Remarks
1. It is advised to access via the original source first.2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.