• IDP Daily Update #1328
  posted: 12/12/08
  
• NSM Daily Update #1328
  posted: 12/12/08
  
• Deep Inspection 5.3r5 and above, 5.4, 6.0 #1328
  posted: 12/12/08
  
• Deep Inspection 5.1, 5.2, 5.3r4 and below #1321
  posted: 12/12/08
  
• Deep Inspection 5.0 #1132
  posted: 04/01/08
  
• Antivirus
  posted: 12/12/08

Text Size:        

• Product Information
• Security Products Overview
• Juniper Networks ISG Series
• IDP Demo
• Product Poster & Z-Card 

Title: Joomla! Com_Colorlab Component MosConfig_Live_Site Remote File Include Vulnerability

Severity: HIGH

Description:

Joomla! Com_Colorlab is a PHP-based flash component for the Joomla! content manager.

The application is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input to the 'mosConfig_live_site' parameter of the 'admin.color.php' script.

Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

Affected Products:

• Joomla Com_Colorlab Component 1.0

References:

• nenadt@gmail.com: Com_Colorlab Component Homepage