PT-2007-6383 · Joomla · Com Wmtportfolio

Noge

Published

2007-10-09

Updated

2017-09-29

CVE-2007-5310

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Joomla! component com wmtportfolio version 1.0

Description: A remote file inclusion issue in the admin.wmtportfolio.php file of the com wmtportfolio component allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig absolute path parameter.

Recommendations: For version 1.0 of the com wmtportfolio component, consider disabling the admin.wmtportfolio.php file or restricting access to it until a patch is available. Avoid using the mosConfig absolute path parameter in the affected component to minimize the risk of exploitation.

Exploit

Fix

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94

Related Identifiers

CVE-2007-5310

Affected Products

Com Wmtportfolio

PT-2007-6383 · Joomla · Com Wmtportfolio

CVE-2007-5310

Weakness Enumeration

Related Identifiers

Affected Products

References · 5