Description

Joomla! before 1.0.11 omits some checks for whether _VALID_MOS is defined, which allows attackers to have an unknown impact, possibly resulting in PHP remote file inclusion.

Remediation

References

CVE-2006-4470

Related Vulnerabilities

phpBB Improper Initialization Vulnerability (CVE-2001-1471)

Chamilo Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2018-1999019)

WordPress Plugin BP Profile Search PHP Object Injection (4.5.3)

MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-2931)

MySQL Use of Externally-Controlled Format String Vulnerability (CVE-2006-3469)

Severity

High

Classification

CVE-2006-4470

Tags

Missing Update Known Vulnerabilities