Joomla Kochsuite Component <= 0.9.4 - Remote File Include Vulnerability

No description provided by source. !/usr/bin/env python coding: utf-8 import re from pocsuite.net import req from pocsuite.poc import Output, POCBase from pocsuite.utils import register class JoomlaKochsuiteComponentRemoteFileIncludePOCBase: vulID = '63855' version = '1' vulDate = '2006-10-17'...

Mambo mmp Component <= 1.2 - Remote File Include Vulnerability

No description provided by source. C Y BE R - W A R R i O R T I M mambo commmp Component mosConfigabsolutepath Remote File Inclusion Vulnerabilities Author: mdx Class : Remote cont@ct: bilkopatathotmaildotcom Code: help.mmp.php?, line 12 ?php global $mosConfigabsolutepath; require...

PHPSavant Savant2 stylesheet.php mosConfig_absolute_path Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/19151/info Savant2 is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include arbitrary remote files containing...

Elxis CMS 2009.2 - Remote File Inclusion

\ \ \ / / / \ / / / |// / / // // / / / // // / installation folder.'; include$mosConfigabsolutepath.'/includes/systemplates/router.php'; exit; requireonce$mosConfigabsolutepath.'/includes/Core/loader.php'; file : index2.php http://site.com/elxis-cms/index2.php?mosConfigabsolutepath=sh...

Joomla swMenuPro Remote File Inclusion

========================================================= Joomla Component comswmenupro RFI Vulnerability ========================================================= +Title : Joomla Component comswmenupro RFI Vulnerability +Software : swMenuPro +Vendor : http://www.swmenupro.com/ +Download :...

Remote file inclusion

PHP remote file inclusion vulnerability in toolbarext.php in the BookLibrary combooklibrary component 1.5.2.4 Basic for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...

CVE-2009-2633

PHP remote file inclusion vulnerability in toolbarext.php in the VehicleManager comvehiclemanager component 1.0 Basic for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in the InterJoomla ArtForms comartforms component 2.1b7 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter to 1 imgcaptcha.php or 2 mp3captcha.php in...

Remote file inclusion

PHP remote file inclusion vulnerability in lib/onguma.class.php in the Onguma Time Sheet comongumatimesheet20 2.0 4b component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...

CVE-2008-5789

Multiple PHP remote file inclusion vulnerabilities in the Recly Interactive Feederator comfeederator component 1.0.5 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the 1 mosConfigabsolutepath parameter to a addtmsp.php, b edittmsp.php and c tmsp.php in includes/tmsp...

CVE-2008-5789

Multiple PHP remote file inclusion vulnerabilities in the Recly Interactive Feederator comfeederator component 1.0.5 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the 1 mosConfigabsolutepath parameter to a addtmsp.php, b edittmsp.php and c tmsp.php in includes/tmsp...

Remote file inclusion

PHP remote file inclusion vulnerability in modules/modmainmenu.php in MosXML 1 Alpha allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...

CVE-2008-5206

CVE-2008-5206 affects MosXML 1 Alpha, specifically the modules/mod_mainmenu.php component. The vulnerability is a PHP remote file inclusion that allows an attacker to supply a URL via the mosConfig_absolute_path parameter and execute arbitrary PHP code on the server. This is a network-exposed fla...

joomlavirtue-rfi.txt

================================================================================================================================ o VirtueMart Google Base Component 1.1 Remote File Inclusion Vulnerability Software : comgooglebase version 1.1 Vendor : www.e-commerce-solution.co.uk Download :...

Joomla! Component Visites 1.1 - MosConfig_absolute_path Remote File Inclusion

Joomla! Component Visites 1.1 - MosConfigabsolutepath Remote File Inclusion source: https://www.securityfocus.com/bid/28942/info The Visites component for Joomla! is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue m...

CVE-2007-6038

PHP remote file inclusion vulnerability in xajaxfunctions.php in the JUser comjuser 1.0.14 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...

Joomla Equipment JUser Component MosConfig_Absolute_Path远程文件包含漏洞

Joomla Equipment JUser Component MosConfigAbsolutePath Remote File Include Vulnerability Joomla Equipment JUser是一款基于PHP的WEB应用程序。 Joomla Equipment JUser不正确过滤用户提交的URI数据，远程攻击者可以利用漏洞以WEB权限执行任意PHP代码。 问题是由于'xajaxfunctions.php'脚本对用户提交的'mosConfigabsolutepath'参数缺少过滤，指定远程服务器上的任意文件作为包含参数，可导致以WEB权限执行任意PHP代码。...

CVE-2007-5389

The CVE-2007-5389 entry concerns the Joomla! swMenuFree (com_swmenufree) version 4.6 component, where a PHP remote file inclusion vulnerability exists in preview.php. The underlying issue allows an attacker to execute arbitrary PHP code by supplying a URL in the mosConfig_absolute_path parameter....

joomlawmtport-rfi.txt

wmtportfolio joomla component 1.0 Remote File Include Vulnerability Component : comwmtportfolio version 1.0 Download script : http://www.webmaster-tips.net/ Dicovered by : NoGe Contact : [email protected]...

mambobm.rfi.txt

Application : Bookmarks - mambo Component URL : http://mamboxchange.com/frs/download.php/4274/MOSComBookmarks25-Finala.zip Variable $mosConfigabsolutepath not sanitized: xpl works with registerglobals=on in components/combookmarks/bookmarksexport.php on line 22,27,29 $requireonce...