Advertisement




Login Form






Lost Password?
No account yet? Register

Main Menu

Home
Download
Themes & Templates
Mod & Components
iGoogle Gadgets & Widgets
Get All In One
Submit For Review
Article & Tutorial
Search

You May Like




Other Features

My iBook Network
Twitter Signatures
CMS Vote Up
Play Android Games
Play Chrome Games
One Indonesia
Website Murah

Online Service

Web Tools
Escape HTML
Chat Room
Affiliate Program
Best Hosting

ArtisteerArtisteer - Joomla Theme Generator

Subscribe to RSS through Email:

Enter your email address:

Popular Review & Tutorial

Home arrow Article & Tutorial arrow Article & Tutorial arrow Articles & Tutorials arrow CMS Security Updates 
ALL |0-9 |A |B |C |D |E |F |G |H |I |J |K |L |M |N |O |P |Q |R |S |T |U |V |W |X |Y |Z

Article & Tutorial arrow Articles & Tutorials arrow CMS Security Updates

Joomla joomlaradio Component "mosConfig_live_site" File Inclusion Print E-mail
(0 votes)
Description:
Morgan has discovered a vulnerability in the joomlaradio component for Joomla, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.

Input passed to the "mosConfig_live_site" parameter in admin.joomlaradiov5.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local or external resources.

Successful exploitation requires that "register_globals" is enabled.

The vulnerability is confirmed in version 5.0. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly verified.

Provided and/or discovered by:
Morgan

Changelog:
2007-09-19: Added CVE reference.

Original Advisory:
http://milw0rm.com/exploits/4401

Source:
Secunia.com

 
 
[ Back ]
or browse in 35 languages:

Subscribe To

 Subscribe in RSS

Follow me...

Add to Technorati Favorites

http%3A%2F%2Fvivociti.com

Advertisement

Get Chitika Premium
Advertisement
Advertisement

Join MyiBook Network

Most Downloaded