• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

More Mambo Site Server problems

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Exploits // System Weaknesses

View previous topic :: View next topic  
Author Message
ComSec
Trusted SF Member
Trusted SF Member


Joined: 26 Jul 2002
Posts: 16777215


Offline

PostPosted: Tue Jan 14, 2003 7:27 pm    Post subject: More Mambo Site Server problems Reply with quote

another follow up to the mambo server problems(see links)

http://www.security-forums.com/forum/viewtopic.php?t=2550
http://www.security-forums.com/forum/viewtopic.php?t=2611
=========================================

Mambo Site Server Remote Code Execution Vulnerability
Posted on 14 January 2003

Mambo PHP-Portal Vulnerability ( By Mindwarper :: mindwarper@hush.com :: )

<------- ------->

- ----------------------
Vendor Information:
- ----------------------

Homepage : http://www.mamboserver.com
Vendor : informed
Mailed advisory: 09/01/03
Vender Response : None yet

- ----------------------
Affected Versions:
- ----------------------

4.0.12 BETA and Prior

- ----------------------
Description:
- ----------------------



Mambo Site Server is a website portal tool written in php. A couple of vulnerabilies have been discovered including XSS and Remote Code Execution on the server with server permissions. A couple of includes and upload codes do not check for admin access or any type of restriction and allow attackers to run arbitrary code without permission. ....full details

http://www.net-security.org/vuln.php?id=2359
Back to top
View user's profile Send private message Visit poster's website
Giro
New Member
New Member


Joined: 25 Mar 2004
Posts: 22
Location: England

Offline

PostPosted: Wed Jan 15, 2003 11:26 am    Post subject: Reply with quote

Its a joke took me 5 mins to write a script to make me super administrator, P,s Dont forget to vote in my poll Rolling Eyes

http://www.finna.net/mambo/index.php
Back to top
View user's profile Send private message
ComSec
Trusted SF Member
Trusted SF Member


Joined: 26 Jul 2002
Posts: 16777215


Offline

PostPosted: Wed Jan 15, 2003 6:38 pm    Post subject: Reply with quote

Ol Man wrote:
Its a joke took me 5 mins to write a script to make me super administrator, P,s Dont forget to vote in my poll Rolling Eyes

http://www.finna.net/mambo/index.php


nice place you got.....yeah Mambo gotta get there act together and stop avoiding real serious issues....who knows what will turn up next.

voted in your poll for security.....(important)
Back to top
View user's profile Send private message Visit poster's website
ShaolinTiger
Forum Fanatic
Forum Fanatic


Joined: 18 Apr 2002
Posts: 16777215
Location: Kuala Lumpur, Malaysia

Offline

PostPosted: Wed Jan 15, 2003 6:40 pm    Post subject: Reply with quote

Heh, yeh I voted too.
Back to top
View user's profile Send private message Visit poster's website
Giro
New Member
New Member


Joined: 25 Mar 2004
Posts: 22
Location: England

Offline

PostPosted: Wed Jan 15, 2003 11:31 pm    Post subject: Reply with quote

ComSec wrote:
Ol Man wrote:
Its a joke took me 5 mins to write a script to make me super administrator, P,s Dont forget to vote in my poll Rolling Eyes

http://www.finna.net/mambo/index.php


nice place you got.....yeah Mambo gotta get there act together and stop avoiding real serious issues....who knows what will turn up next.

voted in your poll for security.....(important)


Not my site Razz
Back to top
View user's profile Send private message
ComSec
Trusted SF Member
Trusted SF Member


Joined: 26 Jul 2002
Posts: 16777215


Offline

PostPosted: Thu Jan 16, 2003 3:16 am    Post subject: Reply with quote

LOL ...gotcha Rolling Eyes

http://www.finna.net/mambo/index.php?option=displaypage&Itemid=56&op=page&SubMenu=

see how easy it is Wink
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Exploits // System Weaknesses All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register