CVE-2007-1699

SWmenu Component for Joomla and Mambo - Remote File Inclusion via mosConfig_absolute_path Parameter

Title source: manual

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-1699. PoCs published by Cold Zero.

AI-analyzed exploit summary This exploit demonstrates a Remote File Include (RFI) vulnerability in MAMBO Modules SWmenu 4.0 via the `mosConfig_absolute_path` parameter in `ImageManager.php`. The attacker can include and execute arbitrary remote scripts by manipulating the parameter.

Description

Multiple PHP remote file inclusion vulnerabilities in the SWmenu (com_swmenupro and com_swmenufree) 4.0 component for Mambo and Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to ImageManager/Classes/ImageManager.php under the (1) components/ or (2) administrator/components/ directory trees.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Cold Zero · textwebappsphp

https://www.exploit-db.com/exploits/3557

View Code ZIP pw:eip

This exploit demonstrates a Remote File Include (RFI) vulnerability in MAMBO Modules SWmenu 4.0 via the `mosConfig_absolute_path` parameter in `ImageManager.php`. The attacker can include and execute arbitrary remote scripts by manipulating the parameter.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: MAMBO Modules SWmenu 4.0

No auth needed

Prerequisites: Target must have the vulnerable MAMBO module installed · Remote file inclusion must be enabled on the server

MITRE ATT&CK