CVE-2007-1702

Name of the Vulnerable Software and Affected Versions: Flatmenu versions 1.07 and earlier

Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig absolute path parameter. This is a result of a PHP remote file inclusion vulnerability in the mod flatmenu.php file of the Flatmenu Mambo module.

Recommendations: For versions 1.07 and earlier, consider disabling the mod flatmenu.php file until a patch is available to prevent exploitation. Restrict access to the mosConfig absolute path parameter to minimize the risk of arbitrary PHP code execution.