Mambo Rssxt Component 1.0 MosConfig_absolute_path Multiple Remote File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/19593/info The Mambo Rssxt component for Joomla and Mambo is prone multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an...

Mambo Rssxt Component MosConfig_absolute_path远程文件包含漏洞

Mambo RSSXT是一款基于Mambo的应用模块。 Mambo RSSXT不正确过滤用户提交的URI数据，远程攻击者可以利用漏洞以WEB进程权限执行任意命令。 问题是多个脚本对用户提交的'mosConfigabsolutepath'参数缺少过滤，提交恶意的远程服务器作为包含对象，可导致以WEB进程权限执行任意PHP代码。 Mambo RSSXT Component 1.0 http://mamboxchange.com/projects/rssxt/...

Mambo Component Rssxt 1.0 - MosConfig_absolute_path Multiple Remote File Inclusions

Mambo Component Rssxt 1.0 - MosConfigabsolutepath Multiple Remote File Inclusions source: https://www.securityfocus.com/bid/19593/info The Mambo Rssxt component for Joomla and Mambo is prone multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An...