PHP remote file inclusion vulnerability in admin.joomlaflashfun.php in the Flash Fun! (com_joomlaflashfun) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter.
References
Configurations
Information
Published : 2007-09-18 13:17
Updated : 2017-09-28 18:29
NVD link : CVE-2007-4955
Mitre link : CVE-2007-4955
JSON object : View
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')
Products Affected
joomla
- flash_fun_component