Description

PHP remote file inclusion vulnerability in index.php in Joomla! 1.0.11 through 1.0.14, when RG_EMULATION is enabled in configuration.php, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.

Remediation

References

CVE-2008-5671

Related Vulnerabilities

WordPress Plugin WP Project Manager-Task, team, and project management featuring kanban board and gantt charts Cross-Site Request Forgery (2.4.9)

Oracle JRE CVE-2012-5089 Vulnerability (CVE-2012-5089)

WordPress Plugin Admin Custom Login Cross-Site Scripting (2.5.3.1)

IBM RTC Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-29701)

phpBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2002-2255)

Severity

High

Classification

CVE-2008-5671 CWE-94

Tags

Missing Update Known Vulnerabilities