12 matches found
EUVD-2006-3974
Malware in sbrugna...
Mambo MGM Component <= 0.95r2 Remote Inclusion Vulnerability
No description provided by source. ---------------------------------------------------- Mambo Gallery Manager v095.r3 Remote File Inclusion Vulnerabilities ---------------------------------------------------- Discovered By A-S-T TEAM WE ARE CrAsHoVeRrIdE & BLACK-CODE & MR-HCR...
Mambo Gallery Manager help.mgm.php mosConfig_absolute_path Parameter PHP Code Execution - Ver2 (CVE-2006-3980)
A code execution vulnerability has been reported in Mambo Gallery Manager. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Mambo Gallery Manager MosConfig_Absolute_Path远程文件包含漏洞
Mambo Gallery Manager是一款基于Mambo的图片程序。 Mambo Gallery Manager不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB进程权限执行任意命令。 问题是'help.mgm.php'脚本对用户提交的"mosConfigabsolutepath"参数缺少过滤,提交恶意的远程服务器作为包含对象,可导致以WEB进程权限执行任意PHP代码。 Mambo Mambo Gallery Manager Component 0.95 r3 http://mamboxchange.com/projects/mgm/...
CVE-2006-3981
PHP remote file inclusion vulnerability in about.mgm.php in Mambo Gallery Manager MGM 0.95r2 and earlier for Mambo 4.5 allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter. NOTE: the provenance of this information is unknown; the details are...
CVE-2006-3980
PHP remote file inclusion vulnerability in administrator/components/commgm/help.mgm.php in Mambo Gallery Manager MGM 0.95r2 and earlier for Mambo 4.5 allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...
CVE-2006-3981
PHP remote file inclusion vulnerability in about.mgm.php in Mambo Gallery Manager MGM 0.95r2 and earlier for Mambo 4.5 allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter. NOTE: the provenance of this information is unknown; the details are...
CVE-2006-3981
The CVE-2006-3981 entry describes a PHP remote file inclusion vulnerability in Mambo Gallery Manager (MGM) 0.95r2 and earlier for Mambo 4.5. The flaw allows an attacker to execute arbitrary PHP code via a URL supplied in the mosConfig_absolute_path parameter. Affected component is MGM’s about.mgm...
CVE-2006-3980
The CVE-2006-3980 entry describes a PHP remote file inclusion in Mambo Gallery Manager (MGM) 0.95r2 and earlier for Mambo 4.5, caused by using a URL in mosConfig_absolute_path within administrator/components/com_mgm/help.mgm.php. This vulnerability allows remote attackers to execute arbitrary PHP...
CVE-2006-3980
PHP remote file inclusion vulnerability in administrator/components/commgm/help.mgm.php in Mambo Gallery Manager MGM 0.95r2 and earlier for Mambo 4.5 allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...
mgm095.txt
---------------------------------------------------- Mambo Gallery Manager v095.r3 Remote File Inclusion Vulnerabilities ---------------------------------------------------- Discovered By A-S-T TEAM WE ARE CrAsHoVeRrIdE & BLACK-CODE & MR-HCR ---------------------------------------------------- si...
Mambo Gallery Manager v095.r3 Remote File Inclusion Vulnerabilities
---------------------------------------------------- Mambo Gallery Manager v095.r3 Remote File Inclusion Vulnerabilities ---------------------------------------------------- Discovered By A-S-T TEAM WE ARE CrAsHoVeRrIdE & BLACK-CODE & MR-HCR ---------------------------------------------------- si...