HIGH🇬🇧 English

CVE-2009-4789

CVSS 7.5v2.0pub. 2010-04-21upd. 2026-04-29

Multiple PHP remote file inclusion vulnerabilities in the MojoBlog component RC 0.15 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) wp-comments-post.php and (2) wp-trackback.php.

oryginał EN
CVSS Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
  • Joomla

    APP
    Joomla
    wszystkie wersje
  • Mojoblog

    APP
    Mojoblog
    rc0.15
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2010-1470HIGH7.5ten sam produkt

Directory traversal vulnerability in the Web TV (com_webtv) component 1.0 for Joomla! allows remote attackers ...

CVE-2010-0694HIGH7.5ten sam produkt

SQL injection vulnerability in the PerchaGallery (com_perchagallery) component before 1.5b for Joomla! allows ...

CVE-2009-4599HIGH7.5ten sam produkt

Multiple SQL injection vulnerabilities in the JS Jobs (com_jsjobs) component 1.0.5.6 for Joomla! allow remote ...

CVE-2009-4604HIGH7.5ten sam produkt

PHP remote file inclusion vulnerability in mamboleto.php in the Fernando Soares Mamboleto (com_mamboleto) comp...

CVE-2009-4598HIGH7.5ten sam produkt

SQL injection vulnerability in the JPhoto (com_jphoto) component 1.0 for Joomla! allows remote attackers to ex...