[VIM] Confirm - Mambo 4.5.1 Modules Flatmenu <= 1.07 Remote File Include Exploit
George A. Theall
theall at tenablesecurity.com
Mon Mar 26 11:31:04 UTC 2007
Like I said before, I'm suspicious of these sorts of flaws in Mambo /
Joomla so I installed the software and took a look. Sure enough, the
flaw does exist. In modules/mod_flatmenu.php of 1.0 (beta) Build 07 for
Version 4.5.1, the first line of PHP code is:
    require_once( "$mosConfig_absolute_path/modules/mod_flatmenu.class.php" );
So, if register_globals is enabled, you have a vector for remote file
include attacks.
George
--
theall at tenablesecurity.com
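
An added example, not part of the original post or of Mambo's code: a small Python check for auditing modules for the pattern described above, an include/require whose path starts with a variable that the file neither assigns nor shields behind a direct-access guard. The function name, the guard constants it looks for (_VALID_MOS, _JEXEC) and the sample files are assumptions constructed for illustration.

```python
import re

# include/require whose path argument begins with a PHP variable
INCLUDE_RE = re.compile(
    r'\b(?:require|include)(?:_once)?\s*\(?\s*["\']?\s*\$(\w+)', re.I)
# Direct-access guard; the constant names are an assumption about the code base
GUARD_RE = re.compile(
    r'defined\s*\(\s*["\'](?:_VALID_MOS|_JEXEC)["\']\s*\)\s*(?:or|\|\|)\s*(?:die|exit)',
    re.I)
COMMENT_RE = re.compile(r'/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)


def find_unguarded_includes(src):
    """Return [(line, variable)] for each include/require whose path starts
    with a variable the file has neither assigned nor shielded with a guard."""
    # Blank out comments but keep newlines so line numbers stay accurate
    src = COMMENT_RE.sub(lambda m: "\n" * m.group(0).count("\n"), src)
    findings = []
    for m in INCLUDE_RE.finditer(src):
        before, var = src[:m.start()], m.group(1)
        assigned = re.search(r'\$' + re.escape(var) + r'\s*=(?!=)', before)
        if GUARD_RE.search(before) or assigned:
            continue
        findings.append((before.count("\n") + 1, var))
    return findings


# Constructed samples: the statement quoted in the post, then two safe variants
VULNERABLE = (
    '<?php\n'
    'require_once(\n'
    '"$mosConfig_absolute_path/modules/mod_flatmenu.class.php" );\n')
GUARDED = (
    '<?php\n'
    "defined( '_VALID_MOS' ) or die( 'Direct Access is not allowed.' );\n"
    'require_once( "$mosConfig_absolute_path/modules/mod_flatmenu.class.php" );\n')
LOCAL_PATH = (
    '<?php\n'
    '$base = dirname( __FILE__ );\n'
    'require_once( "$base/mod_flatmenu.class.php" );\n')

if __name__ == "__main__":
    for name, src in [("vulnerable", VULNERABLE), ("guarded", GUARDED),
                      ("local path", LOCAL_PATH)]:
        print(name, find_unguarded_includes(src))
```

The check is a regex heuristic: it does not parse PHP, so treat each finding as a file to review by hand.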