SECUNIA ADVISORY ID:
SA21495

VERIFY ADVISORY:
http://secunia.com/advisories/21495/

CRITICAL:
Highly critical

IMPACT:
System access

WHERE:
From remote

SOFTWARE:
Webring 1.x (component for Joomla)
http://secunia.com/product/11410/

DESCRIPTION:
xoron has discovered a vulnerability in the Webring component for Joomla, which can be exploited by malicious people to compromise a vulnerable system.

Input passed to the "component_dir" parameter in administrator/components/com_webring/admin.webring.docs.php isn't properly verified, before it is used to include files. This can be exploited to include arbitrary files from external and local resources.

Successful exploitation requires that "register_globals" is enabled.

The vulnerability has been confirmed in version 1.0. Other versions may also be affected.

SOLUTION:
Edit the source code to ensure that input is properly verified.

Set "register_globals" to "Off".

PROVIDED AND/OR DISCOVERED BY:
xoron

ORIGINAL ADVISORY:
http://milw0rm.com/exploits/2177
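Both items under SOLUTION can be audited mechanically. The following Python check is an added example, not part of the Secunia advisory or of the Webring component: it flags include/require statements whose path uses a variable the file never assigns (the pattern that "register_globals" turns into attacker-controlled input) and reports whether a php.ini text enables "register_globals". The function names and both sample inputs are constructed for illustration, and the scan is a line-based heuristic.

```python
import re

# One include/require statement on a single line, up to its semicolon.
INCLUDE_RE = re.compile(r"\b(?:include|require)(?:_once)?\b\s*\(?([^;]*);", re.I)
ASSIGN_RE = re.compile(r"\$([A-Za-z_]\w*)\s*=(?![=>])")
VAR_RE = re.compile(r"\$([A-Za-z_]\w*)")
# Filled in by PHP itself, so not treated as uninitialised here.
BUILTIN = {"GLOBALS", "_GET", "_POST", "_COOKIE", "_REQUEST", "_SERVER",
           "_FILES", "_ENV", "_SESSION", "this"}


def unset_include_vars(php_source):
    """Return (line, variable) for each include/require whose path uses a
    variable with no assignment earlier in the same file (heuristic)."""
    assigned, findings = set(BUILTIN), []
    for lineno, line in enumerate(php_source.splitlines(), 1):
        if line.lstrip().startswith(("//", "#", "*", "/*")):
            continue  # skip comment lines
        for stmt in INCLUDE_RE.findall(line):
            for var in VAR_RE.findall(stmt):
                if var not in assigned:
                    findings.append((lineno, var))
        assigned.update(ASSIGN_RE.findall(line))
    return findings


def register_globals_enabled(ini_text):
    """Return True if the last register_globals directive in php.ini text
    enables it; an absent directive means Off (default since PHP 4.2.0)."""
    enabled = False
    for line in ini_text.splitlines():
        directive = line.split(";", 1)[0].strip()  # drop ';' comments
        m = re.match(r'register_globals\s*=\s*"?(\w*)"?', directive, re.I)
        if m:
            enabled = m.group(1).lower() in {"1", "on", "true", "yes"}
    return enabled


# Constructed sample input, not the component's real source or configuration.
SAMPLE_PHP = """<?php
$base = dirname(__FILE__);
require_once($base . '/config.php');
include($component_dir . '/docs.php');
"""
SAMPLE_INI = "; constructed php.ini fragment\nregister_globals = On\n"

if __name__ == "__main__":
    print(unset_include_vars(SAMPLE_PHP))
    print(register_globals_enabled(SAMPLE_INI))
```

A finding from the first function combined with True from the second is the condition the advisory describes; either fix under SOLUTION removes it.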