Summary
JomSocial is prone to a remote PHP code execution vulnerability.
Impact
Successful exploits will allow remote attackers to execute arbitrary commands within the context of the webserver.
Solution
Updates are available
Affected
Joomla JomSocial component version 2.6
Detection
Try to execute the phpinfo() command by using a specially crafted HTTP POST request.
References
Updated on 2015-03-25
Severity
Classification
- CVSS Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)