Description

PHP remote file inclusion vulnerability in index.php in Joomla! 1.0.11 through 1.0.14, when RG_EMULATION is enabled in configuration.php, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.

Remediation

References

CVE-2008-5671

Related Vulnerabilities

WordPress Plugin Import any XML or CSV File to WordPress Cross-Site Scripting (3.4.5)

WordPress Plugin Leaflet 'id' Parameter Cross-Site Scripting (0.0.1)

WordPress Plugin bbPress Members Only Cross-Site Request Forgery (1.2.1)

Zenphoto Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-5591)

WordPress Plugin Product Subtitle For WooCommerce Arbitrary File Disclosure (4.1)

Severity

High

Classification

CVE-2008-5671 CWE-94

Tags

Missing Update Known Vulnerabilities