CVE-2009-3333

Description

PHP remote file inclusion vulnerability in koesubmit.php in the koeSubmit (com_koesubmit) component 1.0 for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.

Affected products

• alibasta / com_koesubmit1.0 – 1.0

References

• MISChttp://www.securityfocus.com/bid/36447
• EXPLOIThttp://www.exploit-db.com/exploits/9714