PHP Remote File Inclusion Vulnerability in RS Gallery2 for Joomla!
CVE-2006-6962

Currently unrated

Key Information:

Vendor: Joomla
Status: Rs Gallery2
Vendor: CVE Published:; 29 January 2007

Summary

The RS Gallery2 component for Joomla! has a PHP remote file inclusion vulnerability located in the rsgallery2.html.php file. An attacker can exploit this flaw by manipulating the mosConfig_absolute_path parameter, which can lead to the execution of arbitrary PHP code on the server. This vulnerability highlights the importance of securing parameters in user inputs to prevent code execution attacks.

References

https://www.exploit-db.com/exploits/1959

exploitx_refsource_EXPLOIT-DB

http://www.vupen.com/english/advisories/2006/2581

vdb-entryx_refsource_VUPEN

https://exchange.xforce.ibmcloud.com/vulnerabilities/27418

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Jan 29, 2007
Vulnerability Reserved
Jan 29, 2007