Lucene search

[email protected]CVE-2008-6221

HistoryFeb 20, 2009 - 9:30 p.m.

CVE-2008-6221

2009-02-2021:30:01

CWE-94

[email protected]

web.nvd.nist.gov

cve-2008-6221

php

remote file inclusion

vulnerability

dada mail manager

com_dadamail

joomla

nvd

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.087 Low

EPSS

Percentile

94.5%

JSON

PHP remote file inclusion vulnerability in config.dadamail.php in the Dada Mail Manager (com_dadamail) component 2.6 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[mosConfig_absolute_path] parameter.

Affected configurations

NVD

Node

dadamailprojectdada_mail_managerMatch2.6

AND

joomlajoomla

CPENameOperatorVersion
dadamailproject:dada_mail_managerdadamailproject dada mail managereq2.6

CPE	Name	Operator	Version
dadamailproject:dada_mail_manager	dadamailproject dada mail manager	eq	2.6

References

secunia.com/advisories/32551

www.securityfocus.com/bid/32135

www.vupen.com/english/advisories/2008/3021

exchange.xforce.ibmcloud.com/vulnerabilities/46378

www.exploit-db.com/exploits/7002

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.087 Low

EPSS

Percentile

94.5%

JSON

Related for CVE-2008-6221

prion1 cvelist1 canvas1 nvd1