CVE-2008-5053: Code Injection
First published: Thu Nov 13 2008(Updated: )
PHP remote file inclusion vulnerability in admin.rssreader.php in the Simple RSS Reader (com_rssreader) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Rssreader | =1.0 | |
| Joomla | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2008-5053?
CVE-2008-5053 is classified as a critical vulnerability, allowing remote code execution.
How can I fix CVE-2008-5053?
To fix CVE-2008-5053, upgrade to a patched version of the Simple RSS Reader component for Joomla!.
Which versions of Joomla! are affected by CVE-2008-5053?
CVE-2008-5053 specifically affects the Simple RSS Reader component version 1.0 on Joomla!.
What is the impact of exploiting CVE-2008-5053?
Exploiting CVE-2008-5053 allows attackers to execute arbitrary PHP code on the server.
Is there a way to mitigate the risk of CVE-2008-5053?
Mitigation of CVE-2008-5053 can be achieved by disabling the vulnerable component if upgrading is not immediately feasible.
- collector/nvd-historical
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/weakness
- agent/last-modified-date
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/joomla
- canonical/rssreader
- version/rssreader/1.0
- canonical/joomla
- version/joomla/1.0