Bugtraq mailing list archives
Re: Joomla x-shop <= 1.7 Remote File Include Vulnerability
From: "Carsten Eilers" <ceilers-lists () gmx de>
Date: Sat, 19 Aug 2006 00:51:50 +0200
Hi, crackers_child () sibersavascilar com schrieb am Fri, 18 Aug 2006 10:04:39 +0000:
Title : Joomla x-shop <= 1.7 Remote File Include Vulnerability Download : http://mamboxchange.com/frs/?group_id=187&release_id=1047 Bug in admin.x-shop.php <? include($mosConfig_absolute_path.'/administrator/components/com_x-shop/ languages/'.$mosConfig_lang.'.php'); session_start();
Strange thinks happens: There is not include in the admin.x-shop.php from the archive I downloaded this evening. Even stranger: There is no mosConfig_absolute_path in it, too. Same with the other files. What did you test? Regards Carsten -- Dipl.-Inform. Carsten Eilers IT-Sicherheit und Datenschutz <http://www.ceilers-it.de>
Current thread:
- Joomla x-shop <= 1.7 Remote File Include Vulnerability crackers_child (Aug 18)
- Re: Joomla x-shop <= 1.7 Remote File Include Vulnerability Carsten Eilers (Aug 22)