Lucene search
HistoryJun 29, 2006 - 1:05 a.m.
CVE-2006-3294
CVSS2
5.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
AI Score
7.6
Confidence
High
EPSS
0.118
Percentile
95.3%
PHP remote file inclusion vulnerability in mod_cbsms_messages.php in CBSMS Mambo Module 1.0 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Affected configurations
Node
cbsmsmambo_moduleMatch1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cbsms | mambo_module | 1.0 | cpe:2.3:a:cbsms:mambo_module:1.0:*:*:*:*:*:*:* |
Related
checkpoint_advisories
checkpoint_advisories
Web Servers CBSMS Mambo Remote File Inclusion (CVE-2006-3294)
2014-07-15 00:00:00
Update Protection against CBSMS Mambo Module Remote File Vulnerabilities
2006-10-11 00:00:00
exploitdb
exploitdb
Mambo Module CBSms 1.0 - Remote File Inclusion
2006-06-26 00:00:00
cvelist
cvelist
CVE-2006-3294
2006-06-29 01:00:00
cve
cve
CVE-2006-3294
2006-06-29 01:05:00
CVSS2
5.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
AI Score
7.6
Confidence
High
EPSS
0.118
Percentile
95.3%
Related for NVD:CVE-2006-3294