Multiple PHP remote file inclusion vulnerabilities in the Quoc-Huy MP3 Allopass (com_mp3_allopass) 1.0 component for Joomla! allow remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter to (1) allopass.php and (2) allopass-error.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
quoc-huy mp3 allopass 1.0 |