CVE-2006-4074

Name of the Vulnerable Software and Affected Versions JD-Wiki Component (com jd-wiki) versions 1.0.2 and earlier for Joomla!

Description The issue allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig absolute path parameter when register globals is enabled.

Recommendations For JD-Wiki Component (com jd-wiki) versions 1.0.2 and earlier, consider disabling the register globals setting to prevent exploitation until a patch is available. Restrict access to the lib/tpl/default/main.php file to minimize the risk of exploitation. Avoid using the mosConfig absolute path parameter in affected URLs until the issue is resolved.