Pablin77

Researcher at XTech Inc Group
#37730 of 53,632
7.5 total CVSS
Vulnerabilities · 1
PT-2006-4808
7.5
2006-08-01
Mambo · Mambo · CVE-2006-3962
**Name of the Vulnerable Software and Affected Versions**

Mambo bayesiannaivefilter component (com_bayesiannaivefilter) version 1.1

**Description**

The issue allows remote attackers to execute arbitrary PHP code via a URL in the `mosConfig_absolute_path` parameter in the administrator/components/com_bayesiannaivefilter/lang.php file. This can be exploited by sending a malicious URL to the vulnerable component.

**Recommendations**

For Mambo bayesiannaivefilter component (com_bayesiannaivefilter) version 1.1, consider restricting access to the `lang.php` file in the `administrator/components/com_bayesiannaivefilter` directory to minimize the risk of exploitation. Avoid using the `mosConfig_absolute_path` parameter in the affected component until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.