CVE-2008-6841

Name of the Vulnerable Software and Affected Versions: Joomla! com dbquery component versions 1.4.1.1 and earlier

Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig absolute path parameter to classes/DBQ/admin/common.class.php. This is a PHP remote file inclusion issue in the Green Mountain Information Technology and Consulting Database Query component for Joomla!.

Recommendations: For versions 1.4.1.1 and earlier, consider disabling access to the classes/DBQ/admin/common.class.php file until a patch is available. Avoid using the mosConfig absolute path parameter in the affected component to minimize the risk of exploitation.