No description provided by source.
A vulnerability has been discovered in the Camp26 VisitorData module for Joomla, which can be exploited by malicious people to compromise a vulnerable system. Input passed via the "X-Forwarded-For" HTTP header is not properly sanitised before being used as a command line argument in tmpl/default.php. This can be exploited to inject arbitrary shell commands The vulnerability is confirmed in version 1.1. Other versions may also be affected.