--------------------------------------------------------------------------- Peoplebook Mambo Component <= v1.0 Remote File Include Vulnerabilities --------------------------------------------------------------------------- Author : Matdhule Date : August, 14th 2006 Location : Indonesia, Jakarta Critical Lvl : Highly critical Impact : System access Where : From Remote --------------------------------------------------------------------------- Affected software description: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Peoplebook Component Application : Peoplebook Component version : 1.0 URL : www.mamboforge.net/projects/peoplebook --------------------------------------------------------------------------- Vulnerability: ~~~~~~~~~~~~~~ in folder com_peoplebook we found vulnerability script param.peoplebook.php. -----------------------param.peoplebook.php---------------------- ....