Sensitive Data: Joomla! Component com_sef - Local File Inclusion¶

Identifier: joomla_jvehicles_lfi

Scanner(s) Support¶

GraphQL Scanner	REST Scanner	WebApp Scanner	ASM Scanner

Description¶

Joomla! component com_jvehicles version 1.0 contains a local file inclusion vulnerability that allows remote attackers to load arbitrary files via the controller parameter in index.php.

How we test: We test for local file inclusion vulnerabilities in Joomla com_jvehicles by injecting file path payloads into the controller parameter and analyzing responses to detect if local files can be included and their contents exposed.

Reference:

https://www.exploit-db.com/exploits/11997

Configuration¶

Example¶

Example configuration:

---
security_tests:
  joomla_jvehicles_lfi:
    skip: false

Reference¶

`skip`¶

Type : boolean

Skip the test if true.