|
Vulnerability Assessment & Network Security Forums |
|||||||||
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> CGI abuses >> JCE Admin Component Local File Include Vulnerability Vulnerability Assessment Details
|
JCE Admin Component Local File Include Vulnerability |
||
Tries to read a local file with JCE Admin Component Detailed Explanation for this Vulnerability Assessment Summary : The remote web server contains a PHP script that is affected by a local file include issue. Description : The installation of Joomla on the remote host includes a third-party component, the JCE Admin component, that fails to sanitize input to the 'test' and 'file' parameters before using it in the 'components/com_jce/jce.php' script to include PHP code. Regardless of PHP's 'register_globals' setting, an unauthenticated attacker may be able to leverage this issue to view arbitrary files or to execute arbitrary PHP code on the remote host, subject to the rights of the web server user id. In addition, the component is also reportedly affected by multiple cross-site scripting vulnerabilities involving other parameters to the same script. Solution : Unknown at this time. Network Security Threat Level: High / CVSS Base Score : 7.0 (AV:R/AC:L/Au:NR/C:P/I:P/A:P/B:N) Networks Security ID: 21491, 21496 Vulnerability Assessment Copyright: This script is Copyright (C) 2006 Tenable Network Security |
||
Cables, Connectors |
Vintage Apple Macintosh II 2 M5000 Computer no power very nice w drives card
$350.00
Apple Mac Powerbook Duo 230 Vintage Laptop
$60.00
Apple MacIntosh IIcx Vintage Desktop Computer M5650 - 1988/89
$200.00
Vintage Apple Macintosh SE Case - Empty Shell - Housing retro project
$60.00
VINTAGE REFURBISHED MACINTOSH SE WITH BLUESCSI RECAPPED POWER SUPPLY
$300.00
Vintage Apple Macintosh Powerbook 190 Series M3047 Laptop Parts/Repair
$69.00
VINTAGE RARE POWER R 2703 VIDEO ADAPTER FOR MACINTOSH SE SE/30 LCD NOT INCLUDED
$300.00
Apple Studio Display Monitor M2454 15" vintage Mac LCD
$80.00
Apple Macintosh SE/30 M5119 Vintage Mac Computer BAD FLOPPY DRIVE FOR PARTS
$350.00
Vintage Apple Keyboard M0116 w/ Cable & Desktop Bus Mouse II Macintosh TESTED
$99.99
|
||
No Discussions have been posted on this vulnerability. |