CVE-2008-5789

Name of the Vulnerable Software and Affected Versions com feederator version 1.0.5

Description The issue allows remote attackers to execute arbitrary PHP code via specific parameters in various PHP files. This is achieved by manipulating the mosConfig absolute path parameter in files such as add tmsp.php, edit tmsp.php, and tmsp.php in the includes/tmsp/ directory, as well as the GLOBALS[mosConfig absolute path] parameter in subscription.php.

Recommendations For com feederator version 1.0.5, consider disabling the add tmsp.php, edit tmsp.php, tmsp.php, and subscription.php files in the includes/tmsp/ directory until a patch is available to prevent remote attackers from executing arbitrary PHP code. Restrict access to these files to minimize the risk of exploitation. Avoid using the mosConfig absolute path and GLOBALS[mosConfig absolute path] parameters in the affected files until the issue is resolved.