Mambo output Remote File Inclusion Exploit

A remote file inclusion vulnerability is present in Mambo. /includes/Cache/Lite/Output.php doesn't sanitize the $mosConfig_absolute_path before using it in an include.
Vulnerabilty ID: 
CVE-2008-2905
Released Date: 
Monday, May 25, 2009 - 19:00