CVE-2006-4378 is a vulnerability in Joomla Rssxt Component

Multiple PHP remote file inclusion vulnerabilities in the Rssxt component for Joomla! (com_rssxt), possibly 2.0 Beta 1 or 1.0 and earlier, allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter in (1) pinger.php, (2) RPC.php, or (3) rssxt.php. NOTE: another researcher has disputed this issue, saying that the attacker can not control this parameter. In addition, as of 20060825, the original researcher has appeared to be unreliable with some other past reports. CVE has not performed any followup analysis with respect to this issue

Products Associated with CVE-2006-4378

Want to know whenever a new CVE is published for Joomla Rssxt Component? stack.watch will email you.

Exploit Probability

EPSS

1.20%

Percentile

78.71%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2006-4378 is a vulnerability in Joomla Rssxt ComponentPublished on August 26, 2006

Products Associated with CVE-2006-4378

Exploit Probability

CVE-2006-4378 is a vulnerability in Joomla Rssxt Component
Published on August 26, 2006