CVE-2006-3294

PHP remote file inclusion vulnerability in modcbsmsmessages.php in CBSMS Mambo Module 1.0 and earlier, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...

CVE-2006-3302

PHP remote file inclusion vulnerability in modcbsms.php in CBSMS Mambo Module 1.0 and earlier, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosCapath parameter. NOTE: the provenance of this information is unknown; portions of the details...

CVE-2006-3294

The CBSMS Mambo Module (1.0 and earlier) contains a PHP remote file inclusion in mod_cbsms_messages.php. The vulnerability arises when register_globals is enabled and an attacker supplies a URL in mosConfig_absolute_path, enabling arbitrary PHP code execution. Root cause: lack of input sanitizati...

cbsms.txt

--------------------------------------------------------------------------- CBSMS Mambo Module = 1.0 mosConfigabsolutepath Remote File Include Vulnerabilities --------------------------------------------------------------------------- Discovered By Kw3RLn Romanian Security Team Remote : Yes...

CBSMS Mambo Module <= 1.0 Remote File Include Vulnerability

No description provided by source. --------------------------------------------------------------------------- CBSMS Mambo Module = 1.0 mosConfigabsolutepath Remote File Include Vulnerabilities --------------------------------------------------------------------------- Discovered By Kw3RLn Romani...