Remote File Inclusion Vulnerability in Joomla! SEF404x Component
CVE-2010-2681

Currently unrated

Key Information:

Vendor: Joomla
Status: Com Sef
Vendor: CVE Published:; 12 July 2010

Summary

The Joomla! SEF404x (com_sef) component is susceptible to a PHP remote file inclusion vulnerability. Attackers can exploit this weakness by manipulating the mosConfig.absolute.path parameter in the index.php file, enabling them to execute arbitrary PHP code remotely. This flaw highlights the critical need for robust security practices in web applications to protect against unauthorized code execution.

References

http://www.exploit-db.com/exploits/14055

exploitx_refsource_EXPLOIT-DB

http://www.vupen.com/english/advisories/2010/1619

vdb-entryx_refsource_VUPEN

http://www.securityfocus.com/bid/41166

vdb-entryx_refsource_BID

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jul 12, 2010