PHP Remote File Inclusion in Onguma Time Sheet Component for Joomla!
CVE-2008-6347

Currently unrated

Key Information:

Vendor

Luigi Massa

Status
Onguma Time Sheet
Vendor
CVE Published:
2 March 2009

What is CVE-2008-6347?

A PHP remote file inclusion vulnerability exists in the Onguma Time Sheet component for Joomla!, specifically within the lib/onguma.class.php file. This security issue allows remote attackers to inject malicious PHP code by exploiting the mosConfig_absolute_path parameter. If successfully exploited, this vulnerability could lead to unauthorized execution of arbitrary scripts, compromising the integrity and confidentiality of the affected Joomla! installations.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.exploit-db.com/exploits/6976
exploitx_refsource_EXPLOIT-DB
http://www.securityfocus.com/bid/32095
vdb-entryx_refsource_BID

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.