CVE-2008-1682 Information

Description

PHP remote file inclusion vulnerability in quiz/common/db_config.inc.php in the Online FlashQuiz (com_onlineflashquiz) 1.0.2 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the base_dir parameter.

Reference

http://www.securityfocus.com/bid/28574 https://exchange.xforce.ibmcloud.com/vulnerabilities/41592 https://www.exploit-db.com/exploits/5345