Joomla Medi-QnA Component "controller" File Inclusion Vulnerability

SECUNIA ADVISORY ID:
SA39965

VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/39965/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=39965

RELEASE DATE:
2010-05-29

DESCRIPTION:
A vulnerability has been reported in the Medi-QnA component for
Joomla, which can be exploited by malicious people to disclose
potentially sensitive information.

Input passed to the "controller" parameter in index.php (when
"option" is set to "com_mediqna") is not properly verified before
being used to include files. This can be exploited to include
arbitrary files from local resources via directory traversal attacks
and URL-encoded NULL bytes.

The vulnerability is reported in version 1.1. Other versions may also
be affected.
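
For sites that cannot update immediately, web server access logs can be reviewed for the request pattern described above. The following is an added example, not part of the Secunia advisory or the Medi-QnA code; it assumes combined-format access logs and that legitimate "controller" values are plain identifiers, and the log lines and the controller name "question" are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Assumption: legitimate controller names are plain identifiers.
SAFE_CONTROLLER = re.compile(r"[A-Za-z0-9_]+")
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample log lines (documentation IP ranges, placeholder file name).
SAMPLE_LOG = [
    '203.0.113.5 - - [29/May/2010:10:00:00 +0000] "GET /index.php?option=com_mediqna&controller=question HTTP/1.1" 200 5120',
    '203.0.113.9 - - [29/May/2010:10:00:05 +0000] "GET /index.php?option=com_mediqna&controller=../../../example.txt%00 HTTP/1.1" 200 312',
    '203.0.113.9 - - [29/May/2010:10:00:07 +0000] "GET /index.php?option=com_mediqna&controller=..%2F..%2Fexample%00 HTTP/1.1" 200 312',
    '203.0.113.7 - - [29/May/2010:10:00:09 +0000] "GET /index.php?option=com_content&controller=../x HTTP/1.1" 404 0',
]

def fully_decode(value, max_rounds=3):
    """Normalize repeated URL-encoding so the checks see the final value."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def classify_controller(value):
    """Return the reasons a controller value is suspicious (empty = clean)."""
    v = fully_decode(value)
    reasons = []
    if "\x00" in v:
        reasons.append("null-byte")
    if ".." in re.split(r"[\\/]", v):  # ".." as a whole path segment
        reasons.append("traversal")
    if not reasons and not SAFE_CONTROLLER.fullmatch(v):
        reasons.append("unexpected-characters")
    return reasons

def scan(lines):
    """Return (line_number, reasons) for flagged com_mediqna requests."""
    hits = []
    for n, line in enumerate(lines, 1):
        m = REQUEST.search(line)
        if not m:
            continue
        # parse_qsl performs the first round of URL-decoding.
        params = parse_qsl(urlsplit(m.group(1)).query, keep_blank_values=True)
        if ("option", "com_mediqna") not in params:
            continue
        for key, value in params:
            if key == "controller" and (reasons := classify_controller(value)):
                hits.append((n, reasons))
    return hits
```

Only GET query strings are inspected; a "controller" value sent in a POST body does not appear in standard access logs and needs request-body logging or a WAF rule instead.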

SOLUTION:
Update to version 1.2.

PROVIDED AND/OR DISCOVERED BY:
kaMtiEz

ORIGINAL ADVISORY:
Medi-QnA:
http://www.famouswebsites.biz/JED/Medi-QnA/Medi-QnA.php