3 matches found
Immunity Canvas: JOOMLATIMESHEET_RFI
Name| joomlatimesheetrfi ---|--- CVE| CVE-2008-6347 Exploit Pack| CANVAS Description| Joomla comongumatimesheet20 Remote File Include Notes| CVSS: 7.5 Repeatability: Infinite VENDOR: Joomla CVE Url: https://vulners.com/cve/CVE-2008-6347 CVE Name: CVE-2008-6347...
CVE-2008-6347
CVE-2008-6347 is a PHP remote file inclusion vulnerability in Onguma Time Sheet (com_ongumatimesheet20) for Joomla! 2.0 4b. The flaw allows RCE by passing a URL to mosConfig_absolute_path that is used by lib/onguma.class.php. Public exploits exist (e.g., Exploit-DB entry 6976; CANVAS-related note...
CVE-2008-6347
PHP remote file inclusion vulnerability in lib/onguma.class.php in the Onguma Time Sheet comongumatimesheet20 2.0 4b component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...