Lucene search
HistoryJun 29, 2006 - 1:05 a.m.
CVE-2006-3294
cve
2006
3294
php
remote file inclusion
vulnerability
mod_cbsms_messages.php
cbsms mambo module
nvd
5.1 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
7.6 High
AI Score
Confidence
High
0.118 Low
EPSS
Percentile
95.4%
PHP remote file inclusion vulnerability in mod_cbsms_messages.php in CBSMS Mambo Module 1.0 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Affected configurations
Node
cbsmsmambo_moduleMatch1.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| cbsms:mambo_module | cbsms mambo module | eq | 1.0 |
Related
checkpoint_advisories
checkpoint_advisories
Web Servers CBSMS Mambo Remote File Inclusion (CVE-2006-3294)
2014-07-15 00:00:00
Update Protection against CBSMS Mambo Module Remote File Vulnerabilities
2006-10-11 00:00:00
nvd
nvd
CVE-2006-3294
2006-06-29 01:05:00
cvelist
cvelist
CVE-2006-3294
2006-06-29 01:00:00
5.1 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
7.6 High
AI Score
Confidence
High
0.118 Low
EPSS
Percentile
95.4%
Related for CVE-2006-3294