CVE-2007-4187

Name of the Vulnerable Software and Affected Versions Joomla! version 1.5 beta before RC1

Description The issue allows remote attackers to execute arbitrary PHP code via PHP sequences in the searchword parameter, related to default results.php in components/com search/views/search/tmpl/ and templates/beez/html/com search/search/.

Recommendations For Joomla! version 1.5 beta before RC1, consider restricting access to the com search component until a fix is available. As a temporary workaround, avoid using the searchword parameter in the affected API endpoint until the issue is resolved.