.. / CVE-2009-3053

Exploit for Joomla! Agora 3.0.0b - Local File Inclusion (CVE-2009-3053)

Description:

Joomla! Agora 3.0.0b (com_agora) allows remote attackers to include and execute arbitrary local files via local file inclusion in the action parameter to the avatars page, reachable through index.php.

Nuclei Template

View the template here CVE-2009-3053.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2009/CVE-2009-3053.yaml

References:

https://www.exploit-db.com/exploits/9564
https://nvd.nist.gov/vuln/detail/CVE-2009-3053
https://exchange.xforce.ibmcloud.com/vulnerabilities/52964
http://www.exploit-db.com/exploits/9564
https://github.com/ARPSyndicate/kenzer-templates

.. / CVE-2009-3053 if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }

Exploit for Joomla! Agora 3.0.0b - Local File Inclusion (CVE-2009-3053)

Description:

Nuclei Template

Validate with Nuclei

.. / CVE-2009-3053