BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
LFI / RCE vlunerability in Joomla Community Builder Enhenced (CBE) Component Oct 08 2010 11:31AM
Delf Tonder (delf tonder gmx de)
Hello full-disclosure!

Description:
Joomla CBE suffers from a local file inclusion vulnerability. As CBE
also offers file uploading functionality that allows to upload files
that contain php-code, this can be used to execute arbitary
system-commands on the host with the webservers privileges.
...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus