PHP Remote File Inclusion in Onguma Time Sheet Component for Joomla!
CVE-2008-6347

Currently unrated

Key Information:

Vendor: Luigi Massa
Status: Onguma Time Sheet
Vendor: CVE Published:; 2 March 2009

🔔 Create Luigi Massa Vulnerability Alert

What is CVE-2008-6347?

A PHP remote file inclusion vulnerability exists in the Onguma Time Sheet component for Joomla!, specifically within the lib/onguma.class.php file. This security issue allows remote attackers to inject malicious PHP code by exploiting the mosConfig_absolute_path parameter. If successfully exploited, this vulnerability could lead to unauthorized execution of arbitrary scripts, compromising the integrity and confidentiality of the affected Joomla! installations.

References

https://www.exploit-db.com/exploits/6976

exploitx_refsource_EXPLOIT-DB

http://www.securityfocus.com/bid/32095

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 2, 2009
Vulnerability Reserved
Mar 2, 2009