SECUNIA ADVISORY ID:
SA35370
VERIFY ADVISORY:
http://secunia.com/advisories/35370/
DESCRIPTION:
A vulnerability has been reported in the MooFAQ component for
Joomla!, which can be exploited by malicious people to disclose
potentially sensitive information.
Input passed to the "file" parameter in
com_moofaq/includes/file_includer.php is not properly verified before
being used to display files, which can be exploited to disclose the
content of arbitrary files.
SOLUTION:
Edit the source code to ensure that input is properly verified.
PROVIDED AND/OR DISCOVERED BY:
Chip D3 Bi0s
ORIGINAL ADVISORY:
http://milw0rm.com/exploits/8898