Joomla Kochsuite Component <= 0.9.4 - Remote File Include Vulnerability

No description provided by source. !/usr/bin/env python coding: utf-8 import re from pocsuite.net import req from pocsuite.poc import Output, POCBase from pocsuite.utils import register class JoomlaKochsuiteComponentRemoteFileIncludePOCBase: vulID = '63855' version = '1' vulDate = '2006-10-17'...

Remote file inclusion

PHP remote file inclusion vulnerability in toolbarext.php in the BookLibrary combooklibrary component 1.5.2.4 Basic for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...

CVE-2009-2633

PHP remote file inclusion vulnerability in toolbarext.php in the VehicleManager comvehiclemanager component 1.0 Basic for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...

CVE-2007-6038

PHP remote file inclusion vulnerability in xajaxfunctions.php in the JUser comjuser 1.0.14 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...

CVE-2007-2144

PHP remote file inclusion vulnerability in includes/CAltInstaller.php in the JoomlaPack comjpack 1.0.4a2 RE component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...

CVE-2007-2144

PHP remote file inclusion vulnerability in includes/CAltInstaller.php in the JoomlaPack comjpack 1.0.4a2 RE component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...

Remote file inclusion

PHP remote file inclusion vulnerability in modflatmenu.php in the Flatmenu 1.07 and earlier Mambo module allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...

CVE-2007-0489

PHP remote file inclusion vulnerability in includes/functions.visohotlink.php in VisoHotlink 1.01 and possibly earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...

CVE-2006-6049

PHP remote file inclusion vulnerability in shambo2.php in the Shambo2 comshambo2 component for Mambo 4.5 allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...

CVE-2006-6049

CVE-2006-6049 affects the Shambo2 (com_shambo2) component for Mambo 4.5. The vulnerability is a PHP remote file inclusion in shambo2.php, exploitable via a URL parameter mosConfig_absolute_path, enabling arbitrary PHP code execution. Root cause: unvalidated/unsafely used parameter allowing inclus...

CVE-2006-5254

PHP remote file inclusion vulnerability in registrationdetailed.inc.php in Mark Van Bellen Detailed User Registration comregistrationdetailed, aka regdetailed, 4.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...

CVE-2006-4995

PHP remote file inclusion vulnerability in BSQ Sitestats bsqsitestats before 2.1.1 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...

CVE-2006-4375

PHP remote file inclusion vulnerability in contxtd.class.php in the Contacts XTD ContXTD component for Mambo comcontxtd allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter. NOTE: another researcher has disputed this issue, saying that the softwar...

CVE-2006-4321

CVE-2006-4321 describes a PHP remote file inclusion in Coppermine Photo Gallery (component com_cpg) 1.0 and earlier for Mambo. An attacker can supply a URL via mosConfig_absolute_path to cause the application to include remote PHP code, enabling arbitrary code execution. The NVD entry notes a CVS...

CVE-2006-3947

PHP remote file inclusion vulnerability in components/commambatstaff/mambatstaff.php in the Mambatstaff 3.1b and earlier component for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...

CVE-2006-3951

The vulnerability CVE-2006-3951 affects Mam-moodle alpha (com_moodle) for Mambo, via moodle.php where the mosConfig_absolute_path parameter enables PHP remote file inclusion, allowing remote code execution. This is documented in the NVD entry for PHP remote file inclusion in moodle.php, with the ...

CVE-2006-3846

PHP remote file inclusion vulnerability in extadminmenus.class.php in the MultiBanners 1.0.1 for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...

mambo -- "register_globals" emulation layer overwrite vulnerability

A Secunia Advisory reports: peter MC tachatte has discovered a vulnerability in Mambo, which can be exploited by malicious people to manipulate certain information and compromise a vulnerable system. The vulnerability is caused due to an error in the "registerglobals" emulation layer in...