7 matches found
Web Servers CBSMS Mambo Remote File Inclusion (CVE-2006-3294)
A Remote File Inclusion vulnerability has been reported in CBSMS Mambo. The vulnerability is due to lack of sanitization for user-supplied data. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system. This protection was...
CBSMS Mambo Module <= 1.0 - Remote File Include Vulnerability
No description provided by source...
CVE-2006-3294
PHP remote file inclusion vulnerability in modcbsmsmessages.php in CBSMS Mambo Module 1.0 and earlier, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...
CVE-2006-3302
PHP remote file inclusion vulnerability in modcbsms.php in CBSMS Mambo Module 1.0 and earlier, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosCapath parameter. NOTE: the provenance of this information is unknown; portions of the details...
CVE-2006-3294
The CBSMS Mambo Module (1.0 and earlier) contains a PHP remote file inclusion in mod_cbsms_messages.php. The vulnerability arises when register_globals is enabled and an attacker supplies a URL in mosConfig_absolute_path, enabling arbitrary PHP code execution. Root cause: lack of input sanitizati...
cbsms.txt
--------------------------------------------------------------------------- CBSMS Mambo Module = 1.0 mosConfigabsolutepath Remote File Include Vulnerabilities --------------------------------------------------------------------------- Discovered By Kw3RLn Romanian Security Team Remote : Yes...
CBSMS Mambo Module <= 1.0 Remote File Include Vulnerability
No description provided by source. --------------------------------------------------------------------------- CBSMS Mambo Module = 1.0 mosConfigabsolutepath Remote File Include Vulnerabilities --------------------------------------------------------------------------- Discovered By Kw3RLn Romani...