4 matches found
CVE-2006-4296
PHP remote file inclusion vulnerability in classes/Tar.php in bigAPE-Backup component combabackup for Mambo 1.1 allows remote attackers to include arbitrary files via the mosConfigabsolutepath parameter...
CVE-2006-4296
CVE-2006-4296 is a PHP remote file inclusion vulnerability in Mambo 1.1, specifically within the bigAPE-Backup component (com_babackup) and its Tar.php. The root cause is that the mosConfig_absolute_path parameter can be used by an attacker to include arbitrary files, enabling remote code inclusi...
[SA21574] Mambo bigAPE-Backup Component File Inclusion Vulnerability
TITLE: Mambo bigAPE-Backup Component File Inclusion Vulnerability SECUNIA ADVISORY ID: SA21574 VERIFY ADVISORY: http://secunia.com/advisories/21574/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: bigAPE-Backup 1.x component for Mambo http://secunia.com/product/11615/...
Mambo Component bigAPE-Backup 1.1 - Remote File Inclusion
/ Notes: globals bypass with a multipart/form-data POST PHP4 = 4.4.0 PHP5 = 5.0.5 http://www.hardened-php.net/globals-problem /str0ke / C Y BE R - W A R R i O R T I M mambo combabackup 1.1 Component mosConfigabsolutepath Remote File Inclusion Vulnerabilities Author: mdx Class : Remote cont@ct:...