joomlamamml-upload.txt

2008-07-23T00:00:00
ID PACKETSTORM:68456
Type packetstorm
Reporter e.wiZz!
Modified 2008-07-23T00:00:00

Description

                                        
                                            `Joomla Component com_mamml Remote file upload&File disclosure vulnerability  
  
  
By: e.wiZz!  
  
  
In the wild....  
  
  
Dork: allinurl:"com_mamml"  
  
Bugs example:  
  
www.inthewild.com/<PATH>/com_mamml/admin.mamml.html.inc  
  
POC:  
  
http://www.schmalls.com/update/0.4.10/administrator/components/com_mamml/admin.mamml.html.inc  
  
  
Others:  
  
admin.mamml.html.inc   
admin.mamml.inc   
classes/   
configuration.inc   
images/   
install.mamml.inc   
mamml.png   
mamml.version.inc   
mamml.xml   
toolbar.mamml.html.inc   
toolbar.mamml.inc   
uninstall.mamml.inc `