CVE-2006-3774
Joomla perForms Component < 1.0 - Remote Code Execution via mosConfig_absolute_path Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2006-3774. PoCs published by endeneu.
AI-analyzed exploit summary This is a writeup describing a remote file inclusion vulnerability in perForms Joomla Component version 1.0. The vulnerability arises due to unsanitized use of the $mosConfig_absolute_path variable when register_globals is enabled.
Description
PHP remote file inclusion vulnerability in performs.php in the perForms component (com_performs) 1.0 and earlier for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Exploits (1)
This is a writeup describing a remote file inclusion vulnerability in perForms Joomla Component version 1.0. The vulnerability arises due to unsanitized use of the $mosConfig_absolute_path variable when register_globals is enabled.