vendor:
Taskhopper
by:
Cold z3ro
5.5
CVSS
MEDIUM
Remote File Inclusion
CWE
Product Name: Taskhopper
Affected Version From: 1.1
Affected Version To: 1.1
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested:
2007
Joomla/Mambo Component Taskhopper 1.1 RFI
The Joomla/Mambo Component Taskhopper 1.1 is vulnerable to Remote File Inclusion (RFI) attack. The vulnerability allows an attacker to include a remote file using the 'mosConfig_absolute_path' parameter in various PHP files.
Mitigation:
The vulnerability can be mitigated by validating user input and using proper input sanitization techniques to prevent remote file inclusion attacks.