CVE-2007-6555

Name of the Vulnerable Software and Affected Versions Joomla! mosDirectory (com directory) version 2.3.2

Description The issue allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[mosConfig absolute path] parameter in the modules/mod pxt latest.php file.

Recommendations For version 2.3.2, consider disabling the vulnerable module until a patch is available. Restrict access to the modules/mod pxt latest.php file to minimize the risk of exploitation. Avoid using the GLOBALS[mosConfig absolute path] parameter in the affected module until the issue is resolved.