Description

PHP remote file inclusion vulnerability in index.php in Joomla! 1.0.11 through 1.0.14, when RG_EMULATION is enabled in configuration.php, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.

Remediation

References

CVE-2008-5671

Related Vulnerabilities

PHP-Fusion URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-23182)

Oracle Database Server CVE-2007-5509 Vulnerability (CVE-2007-5509)

WordPress Plugin WPFront User Role Editor Unspecified Vulnerability (2.14.1)

WordPress Plugin Easy Social Icons Multiple Vulnerabilities (1.2.3.1)

MySQL CVE-2019-2632 Vulnerability (CVE-2019-2632)

Severity

High

Classification

CVE-2008-5671 CWE-94

Tags

Missing Update Known Vulnerabilities