{"title": "Mambo Open Server configuration.php Arbitrary File Deletion", "published": "2004-04-01T00:00:00", "references": [], "type": "osvdb", "enchantments": {"score": {"value": -0.2, "vector": "NONE", "modified": "2017-04-28T13:20:02", "rev": 2}, "dependencies": {"references": [], "modified": "2017-04-28T13:20:02", "rev": 2}, "vulnersScore": -0.2}, "cvelist": [], "viewCount": 1, "affectedSoftware": [{"version": "Unknown or Unspecified", "name": "Mambo", "operator": "eq"}], "id": "OSVDB:7520", "modified": "2004-04-01T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:7520", "edition": 1, "description": "## Vulnerability Description\nMambo contains a flaw that allows a remote attacker to delete arbitrary files outside of the web path. The issue is due to the 'configuration.php' script not properly sanitizing user input, specifically traversal style attacks (../../) supplied via the 'com_media' variable.\n## Technical Description\nAn attacker must be logged in as administrator. This vulnerability primarily affects Mambo setups on multi-user/host environments.\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nMambo contains a flaw that allows a remote attacker to delete arbitrary files outside of the web path. The issue is due to the 'configuration.php' script not properly sanitizing user input, specifically traversal style attacks (../../) supplied via the 'com_media' variable.\n## Manual Testing Notes\nhttp://[victim]/administrator/index2.php?option=com_media&task=delete&delFile=configuration.php&listdir=/../..\n## References:\nVendor URL: http://www.mamboserver.com/\n[Vendor Specific Advisory URL](http://mosforge.net/tracker/index.php?func=detail&aid=184&group_id=5&atid=101)\n", "bulletinFamily": "software", "reporter": "Frank Bohne()", "cvss": {"vector": "NONE", "score": 0.0}, "lastseen": "2017-04-28T13:20:02"}

{}