PHP remote file inclusion vulnerability in lib/tpl/default/main.php in the JD-Wiki Component (com_jd-wiki) 1.0.2 and earlier for Joomla!, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
References
Configurations
History
07 Nov 2023, 01:59
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2006-08-11 01:04
Updated : 2024-02-28 10:42
NVD link : CVE-2006-4074
Mitre link : CVE-2006-4074
CVE.ORG link : CVE-2006-4074
JSON object : View
Products Affected
joomla
- jd-wiki
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')