Joomla! Mac Gallery Component Arbitrary File Download Vulnerability

Summary
This host is installed with the Joomla! Mac Gallery Component and is prone to an arbitrary file download vulnerability.
Impact
Successful exploitation may allow an attacker to obtain sensitive information, which can lead to launching further attacks. Impact Level: Application
Solution
No solution or patch is available as of 20th February, 2015. Information regarding this issue will be updated once the solution details are available. For updates, refer to https://www.apptha.com/category/extension/Joomla/Joomla-Photo-Gallery
Insight
The flaw is due to the index.php script not properly sanitizing user-supplied input, specifically path traversal style attacks (e.g. '../'), passed to the 'albumid' parameter.
Affected
Joomla! Mac Gallery Component version 1.5 and prior.
Detection
Send a crafted request via HTTP GET and check whether it is possible to download an arbitrary file.
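As an added example (not part of the original advisory or the component's code), the following Python sketch reviews web-server access logs for requests to index.php whose 'albumid' value contains path traversal sequences, including percent-encoded and double-encoded forms. The log lines, client addresses and file names are constructed, and it assumes a legitimate 'albumid' never contains a '..' path segment.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Constructed sample in combined log format (documentation IP ranges, made-up file names).
SAMPLE_LOG = """\
198.51.100.7 - - [20/Feb/2015:10:01:02 +0000] "GET /index.php?albumid=12 HTTP/1.1" 200 5120
198.51.100.9 - - [20/Feb/2015:10:03:11 +0000] "GET /index.php?albumid=../../some/file.txt HTTP/1.1" 200 1843
203.0.113.4 - - [20/Feb/2015:10:04:40 +0000] "GET /index.php?albumid=..%5c..%5csome%5cfile.txt HTTP/1.1" 200 1843
203.0.113.4 - - [20/Feb/2015:10:04:52 +0000] "GET /index.php?albumid=%252e%252e%252fsome%252ffile.txt HTTP/1.1" 404 310
198.51.100.7 - - [20/Feb/2015:10:06:00 +0000] "GET /index.php?page=2&albumid=7 HTTP/1.1" 200 4988
"""

REQUEST_RE = re.compile(
    r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST|HEAD) (\S+) [^"]*" (\d{3}) ')

def fully_decode(value, max_rounds=5):
    """Percent-decode repeatedly so double-encoded input is normalised."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def is_traversal(value):
    """True for a '..' path segment, a NUL byte or an absolute path."""
    value = fully_decode(value).replace("\\", "/")
    if "\x00" in value or value.startswith("/"):
        return True
    return ".." in value.split("/")

def suspicious_requests(log_text):
    """Return (client, uri, status) for index.php requests with a traversal-style albumid."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        client, uri, status = m.groups()
        parts = urlsplit(uri)
        if not parts.path.lower().endswith("index.php"):
            continue
        for key, val in parse_qsl(parts.query, keep_blank_values=True):
            if key.lower() == "albumid" and is_traversal(val):
                hits.append((client, uri, int(status)))
                break
    return hits

if __name__ == "__main__":
    for client, uri, status in suspicious_requests(SAMPLE_LOG):
        print(status, client, uri)
```

Hits answered with status 200 deserve review first, since they indicate the server returned content for the request.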