CVE-2006-4378 Information

Description

LICENSE README.md cvefilelist cvelist nvdcve nvdpages.sh scripts test-CVE-2017-1882.markdown test-CVE-2017-18822.markdown tmpvendorlinks DISPUTED LICENSE README.md cvefilelist cvelist nvdcve nvdpages.sh scripts test-CVE-2017-1882.markdown test-CVE-2017-18822.markdown tmpvendorlinks Multiple PHP remote file inclusion vulnerabilities in the Rssxt component for Joomla! (com_rssxt) possibly 2.0 Beta 1 or 1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter in (1) pinger.php (2) RPC.php or (3) rssxt.php. NOTE: another researcher has disputed this issue saying that the attacker can not control this parameter. In addition as of 20060825 the original researcher has appeared to be unreliable with some other past reports. CVE has not performed any followup analysis with respect to this issue.

Reference

http://securityreason.com/securityalert/1456 http://www.osvdb.org/28096 http://www.securityfocus.com/archive/1/443628/100/100/threaded http://www.securityfocus.com/archive/1/444058/100/100/threaded http://www.securityfocus.com/bid/19593