vendor:
com_colorlab
by:
xoron
N/A
CVSS
HIGH
Remote File Include
CWE
Product Name: com_colorlab
Affected Version From:
Affected Version To:
Patch Exists: No
Related CWE:
CPE:
Platforms Tested:
2007
Joomla com_colorlab Remote File Include
The Joomla component com_colorlab is vulnerable to remote file inclusion. An attacker can exploit this vulnerability to include arbitrary remote files, which could lead to remote code execution.
Mitigation:
To fix this vulnerability, open the admin.color.php file and add the following code before the wrong code:defined( '_VALID_MOS' ) or die( 'Direct Access to this location is not allowed.' );Save and exit the file.