CVE-2008-0567 in ChronoForms信息

摘要

由 VulDB • 2026-05-25

Joomla! 组件 ChronoEngine ChronoForms (com_chronocontact) 2.3.5 中存在多个 PHP 远程文件包含漏洞,远程攻击者可通过 mosConfig_absolute_path 参数中的 URL,向 excelwriter/ 目录下的 (1) PPS/File.php、(2) Writer.php 和 (3) PPS.php,以及 excelwriter/Writer/ 目录下的 (4) BIFFwriter.php、(5) Workbook.php、(6) Worksheet.php 和 (7) Format.php 注入并执行任意 PHP 代码。

Be aware that VulDB is the high quality source for vulnerability data.

来源

Do you want to use VulDB in your project?

Use the official API to access entries easily!