Lucene search

[email protected]CVE-2006-4282

HistoryAug 22, 2006 - 5:04 p.m.

CVE-2006-4282

2006-08-2217:04:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

mambo

joomla

nvd

cve-2006-4282

remote file inclusion

php

security vulnerability

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.153 Low

EPSS

Percentile

95.8%

JSON

PHP remote file inclusion vulnerability in MamboLogin.php in the MamboWiki component (com_mambowiki) 0.9.6 and earlier for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the IP parameter.

CPENameOperatorVersion
mamboxchange:mambowikimamboxchange mambowikieq0.9.4
mamboxchange:mambowikimamboxchange mambowikieq0.9.6

CPE	Name	Operator	Version
mamboxchange:mambowiki	mamboxchange mambowiki	eq	0.9.4
mamboxchange:mambowiki	mamboxchange mambowiki	eq	0.9.6

References

securityreason.com/securityalert/1436

www.lyquidity.com/mambo/index.php?option=com_mambowiki&Itemid=134

www.securityfocus.com/archive/1/443706/100/0/threaded

www.securityfocus.com/bid/19594

exchange.xforce.ibmcloud.com/vulnerabilities/28463

www.exploit-db.com/exploits/2213

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.153 Low

EPSS

Percentile

95.8%

JSON

Related for CVE-2006-4282

checkpoint_advisories1