CVE-2007-5310

Joomla - Code Injection

Title source: rule

Description

PHP remote file inclusion vulnerability in admin.wmtportfolio.php in the webmaster-tips.net wmtportfolio 1.0 (com_wmtportfolio) component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED
by NoGe · textwebappsphp
https://www.exploit-db.com/exploits/4497

References (4)

Scores

EPSS 0.0020
EPSS Percentile 41.8%

Classification

CWE
CWE-94
Status draft

Affected Products (2)

joomla/joomla
webmaster-tips.net/flash_image_gallery

Timeline

Published Oct 09, 2007
Tracked Since Feb 18, 2026