PHP remote file inclusion vulnerability in lib/pcltar.lib.php (aka pcltar.php) in the PclTar module 1.3 and 1.3.1 for Vincent Blavet PhpConcept Library, as used in multiple products including (1) Joomla! 1.5.0 Beta, (2) N/X Web Content Management System (WCMS) 4.5, (3) CJG EXPLORER PRO 3.3, and (4) phpSiteBackup 0.1, allows remote attackers to execute arbitrary PHP code via a URL in the g_pcltar_lib_dir parameter.
AV:N/AC:M/Au:N/C:P/I:P/A:PCjg Explorer Pro
APPCjg Explorer Pro3.3Joomla
APPJoomla1.5.0Nx N X Wcms
APPNx4.5Phpsitebackup
APPPhpsitebackup0.1
Related vulnerabilities
Multiple PHP remote file inclusion vulnerabilities in the MojoBlog component RC 0.15 for Joomla! allow remote ...
Directory traversal vulnerability in the Web TV (com_webtv) component 1.0 for Joomla! allows remote attackers ...
SQL injection vulnerability in the PerchaGallery (com_perchagallery) component before 1.5b for Joomla! allows ...
Multiple SQL injection vulnerabilities in the JS Jobs (com_jsjobs) component 1.0.5.6 for Joomla! allow remote ...
PHP remote file inclusion vulnerability in mamboleto.php in the Fernando Soares Mamboleto (com_mamboleto) comp...