CVE-2010-2918 Information

Description

PHP remote file inclusion vulnerability in core/include/myMailer.class.php in the Visites (com_joomla-visites) component 1.1 RC2 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.

Reference

http://packetstormsecurity.org/0804-exploits/joomlavisites-rfi.txt http://www.exploit-db.com/exploits/14476 http://www.securityfocus.com/bid/28942 http://www.vupen.com/english/advisories/2010/1925 https://exchange.xforce.ibmcloud.com/vulnerabilities/42025