Sensitive Data: Joomla! Component com_sef - Local File Inclusion¶

Identifier: joomla_jvehicles_lfi

Scanner(s) Support¶

GraphQL Scanner	REST Scanner	WebApp Scanner

Description¶

A local file inclusion vulnerability in the Jvehicles (com_jvehicles) component version 1.0 for Joomla! allows remote attackers to load arbitrary files via the controller parameter in index.php.

Reference:

https://www.exploit-db.com/exploits/11997

Configuration¶

Example¶

Example configuration:

---
security_tests:
  joomla_jvehicles_lfi:
    assets_allowed:
    - REST
    - GRAPHQL
    - WEBAPP
    skip: false

Reference¶

`assets_allowed`¶

Type : List[AssetType]*

List of assets that this check will cover.

`skip`¶

Type : boolean

Skip the test if true.