PHP Remote File Inclusion Vulnerability in OpenWiki Component for Joomla!
CVE-2007-3130

Currently unrated

Key Information:

Vendor: Joomla
Status: Jd-wiki
Vendor: CVE Published:; 8 June 2007

Summary

The OpenWiki component (com_jd-wiki) for Joomla! is susceptible to multiple PHP remote file inclusion vulnerabilities. These flaws enable remote attackers to inject and execute arbitrary PHP code by manipulating the mosConfig_absolute_path parameter within specific scripts like dwpage.php and wantedpages.php. Exploiting this vulnerability can lead to unauthorized access and control over affected Joomla! sites, posing a significant security risk for web administrators.

References

http://www.securityfocus.com/bid/24342

vdb-entryx_refsource_BID

http://osvdb.org/37472

vdb-entryx_refsource_OSVDB

http://osvdb.org/37473

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability published
Jun 8, 2007
Vulnerability Reserved
Jun 8, 2007