Joomla 1.0.13-1.0.14 Remote PHP File Inclusion Vulnerability (CVE-2008-5671) Analysis

Affected Versions: Joomla 1.0.13 - 1.0.14 Vulnerability Type: PHP file inclusion Risk Level: High CVE ID: CVE-2008-5671 CWE ID: CWE-94 CVSS Base Score: 7.5/10 Exploit Range: Remote Impact: - Confidentiality Impact: Partial - Integrity Impact: Partial - Availability Impact: Partial Exploitability: 10/10 Authentication: Not required CVSS Vector: (Missing in the provided screenshot, can be derived from other metrics) Introduction: The screenshot details the scenario where outdated Joomla versions can be vulnerable to remote PHP file inclusion if is not defined in the or when is enabled. The CVE specifically targets Joomla versions 1.0.13 to 1.0.14. Exploit Description: An attacker can exploit the vulnerability by manipulating the variable via a URL containing a path to a malicious PHP file. The vulnerability originates from the ability to override configuration settings when is not set and is enabled. The code block in the middle demonstrates the insecure inclusion logic that allows this exploit. Workaround: The screenshot suggests replacing the directive with a simple in and files, specifically for the inclusion of . Alternatively, it suggests disabling in by defining it as if not already defined. Technical Detail: The provided code snippet and references illustrate the process and context of the flaw, showing how an attacker can overwrite configuration variables using GET variables and thus include any remote file. This effectively compromises the application's security. References: Several external links are provided for further exploration and reference, including a Joomla release announcement discussing the release of 1.0.15 and related security advisories.

Goal Reached Thanks to every supporter — we hit 100%!

Joomla 1.0.13-1.0.14 Remote PHP File Inclusion Vulnerability (CVE-2008-5671) Analysis