Description

PHP remote file inclusion vulnerability in index.php in Joomla! 1.0.11 through 1.0.14, when RG_EMULATION is enabled in configuration.php, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.

Remediation

References

CVE-2008-5671

Related Vulnerabilities

Oracle JRE CVE-2013-1478 Vulnerability (CVE-2013-1478)

IBM RTC Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-7440)

Joomla Other Vulnerability (CVE-2006-7009)

WordPress Plugin Count per Day 'notes.php' Cross-Site Scripting (3.2.3)

WordPress Plugin Broken Link Checker Unspecified Vulnerability (1.10.7)

Severity

High

Classification

CVE-2008-5671 CWE-94

Tags

Missing Update Known Vulnerabilities