CVE-2006-4288

2006-08-2217:00:00

mitre

www.cve.org

7.6 High

AI Score

Confidence

Low

0.061 Low

EPSS

Percentile

93.6%

JSON

PHP remote file inclusion vulnerability in admin.a6mambocredits.php in the a6mambocredits component (com_a6mambocredits) 2.0.0 and earlier for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter. NOTE: some of these details are obtained from third party information.

References

secunia.com/advisories/21540

securitytracker.com/id?1016716

www.osvdb.org/27991

www.securityfocus.com/bid/19581

www.vupen.com/english/advisories/2006/3311

exchange.xforce.ibmcloud.com/vulnerabilities/28443

www.exploit-db.com/exploits/2207