Luth1er

3 exploits Active since Jul 2012
CVE-2017-18345 NOMISEC CRITICAL WORKING POC
joomanager < 2.0.0 - Unauthenticated Arbitrary File Download via configuration.php Path Parameter
The Joomanager component through 2.0.0 for Joomla! has an arbitrary file download issue, resulting in exposing the credentials of the database via an index.php?option=com_joomanager&controller=details&task=download&path=configuration.php request.
8 stars
CVSS 9.8
CVE-2012-2688 VULNCHECK_XDB WORKING POC
PHP <5.3.15, <5.4.5 - Buffer Overflow
Unspecified vulnerability in the _php_stream_scandir function in the stream implementation in PHP before 5.3.15 and 5.4.x before 5.4.5 has unknown impact and remote attack vectors, related to an "overflow."
CVE-2017-18345 EXPLOITDB CRITICAL python WORKING POC
joomanager < 2.0.0 - Unauthenticated Arbitrary File Download via configuration.php Path Parameter
The Joomanager component through 2.0.0 for Joomla! has an arbitrary file download issue, resulting in exposing the credentials of the database via an index.php?option=com_joomanager&controller=details&task=download&path=configuration.php request.
CVSS 9.8