Detections
Analytics
TinyBrowser Component for Joomla! 'tinybrowser_lang' Cookie Local File Include
critical Nessus Plugin ID 44337
Language:
Synopsis
The remote web server contains a PHP application that is affected by a local file include vulnerability.Description
The version of the TinyBrowser component for Joomla! running on the remote host is affected by a local file include vulnerability due to improper sanitization of user-supplied input to the 'tinybrowser_lang' cookie before using it in the tiny_mce/plugins/tinybrowser/folders.php script to include PHP code. Regardless of the PHP 'register_globals' setting, an unauthenticated, remote attacker can exploit this issue to disclose arbitrary files or execute arbitrary PHP code on the remote host, subject to the privileges of the web server user ID.Note that this installation is likely to be affected by other vulnerabilities, including one that allows uploading arbitrary files;
however, Nessus has not checked for these.
Solution
Upgrade to Joomla! version 1.5.13 or later.See Also
Plugin Details
Severity: Critical
ID: 44337
File Name: joomla_tinybrowser_lang_lfi.nasl
Version: 1.17
Type: Remote
Family: CGI abuses
Published: 1/29/2010
Updated: 4/22/2026
Configuration: Enable thorough checks (optional)
Supported Sensors: Nessus
Enable CGI Scanning: true
Risk Information
CVSS Score Rationale: Tenable score for local file inclusion.
CVSS v2
Risk Factor: High
Base Score: 7.5
Temporal Score: 7.1
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS Score Source: manual
CVSS v3
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 9.6
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:F/RL:U/RC:X
Vulnerability Information
CPE: cpe:/a:joomla:joomla%5c%21
Required KB Items: installed_sw/Joomla!, www/PHP
Exploit Available: true
Exploit Ease: Exploits are available
Exploited by Nessus: true
Patch Publication Date: 7/22/2009
Vulnerability Publication Date: 1/27/2010
Reference Information
BID: 37956