CVE-2010-2918 – Joomla! Component Visites 1.1 RC2 - Remote File Inclusion

https://notcve.org/view.php?id=CVE-2010-2918

PHP remote file inclusion vulnerability in core/include/myMailer.class.php in the Visites (com_joomla-visites) component 1.1 RC2 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. Vulnerabilidad de inclusión de fichero remoto PHP en core/include/myMailer.class.php del componente Visites (com_joomla-visites) v1.1 RC2 de Joomla! permite a atacantes remotos ejecutar código PHP de su elección a través una URL en el parámetro mosConfig_absolute_path. • https://www.exploit-db.com/exploits/14476 https://www.exploit-db.com/exploits/31708 http://packetstormsecurity.org/0804-exploits/joomlavisites-rfi.txt http://www.exploit-db.com/exploits/14476 http://www.securityfocus.com/bid/28942 http://www.vupen.com/english/advisories/2010/1925 https://exchange.xforce.ibmcloud.com/vulnerabilities/42025 • CWE-94: Improper Control of Generation of Code ('Code Injection') •