Vulnerability in N/a
CVE-2006-3774
PHP remote file inclusion vulnerability in performs.php in the perForms component (com_performs) 1.0 and earlier for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
EPSS: 0.629 (98.4th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- 21044 (x_refsource_SECUNIA, third-party-advisory)
- 1263 (x_refsource_SREASON, third-party-advisory)
- 1016498 (vdb-entry, x_refsource_SECTRACK)
- ADV-2006-2786 (vdb-entry, x_refsource_VUPEN)
- performs-performs-file-include(27724) (vdb-entry, x_refsource_XF)
- 18968 (vdb-entry, x_refsource_BID)
- 20060713 perForms <= 1.0 ([mosConfig_absolute_path]) Remote File Inclusion (mailing-list, x_refsource_BUGTRAQ)