Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
LFI / RCE vlunerability in Joomla Community Builder Enhenced (CBE) Component
Oct 08 2010 11:31AM
Delf Tonder (delf tonder gmx de)
Joomla CBE suffers from a local file inclusion vulnerability. As CBE
also offers file uploading functionality that allows to upload files
that contain php-code, this can be used to execute arbitary
system-commands on the host with the webservers privileges.
[ more ]
Copyright 2010, SecurityFocus