• A remote file inclusion vulnerability was reported in Joomla! core. It is possible for a remote attacker to extract a remotely hosted archive while you are extracting a backup archive or installing an update, depending on your server settings.
  
  Affected versions: Versions: 2.5.4 through 2.5.25, 3.2.5 and earlier 3.x versions, 3.3.0 through 3.3.4.

• Upgrade to the latest version of Joomla!.

• • [20140903] - Core - Remote File Inclusion
  • Security update, September 2014

• 

• CVE-2014-7228.xml

• CWE-98

• CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

• File Inclusion

• Drupal Core 6.x Local File Inclusion (6.0 - 6.9)
• Joomla! Core 1.0 Remote File Inclusion (1.0.0 - 1.0.0)
• WordPress Plugin Adavnced Video embed Local File Inclusion (1.0)
• WordPress Plugin Theme My Login Local File Inclusion (6.3.9)
• WordPress Plugin Crayon Syntax Highlighter 'wp_load' Parameter Remote File Include (1.12.1)