CVE-2006-3773

PHP remote file inclusion vulnerability in smf.php in the SMF-Forum 1.3.1.3 Bridge Component (com_smf) For Joomla! and Mambo 4.5.3+ allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Configurations

Configuration 1 (hide)

cpe:2.3:a:mambo:smf-forum:1.3.1.3_bridge_component:*:*:*:*:*:*:*

History

21 Nov 2024, 00:14

Type Values Removed Values Added
References () http://forum.mamboserver.com/showthread.php?t=83001 - () http://forum.mamboserver.com/showthread.php?t=83001 -
References () http://secunia.com/advisories/21079 - Vendor Advisory () http://secunia.com/advisories/21079 - Vendor Advisory
References () http://www.securityfocus.com/bid/18924 - () http://www.securityfocus.com/bid/18924 -
References () http://www.vupen.com/english/advisories/2006/2846 - () http://www.vupen.com/english/advisories/2006/2846 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/27777 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/27777 -
References () https://www.exploit-db.com/exploits/2021 - () https://www.exploit-db.com/exploits/2021 -

Information

Published : 2006-07-24 12:19

Updated : 2024-11-21 00:14


NVD link : CVE-2006-3773

Mitre link : CVE-2006-3773

CVE.ORG link : CVE-2006-3773


JSON object : View

Products Affected

mambo

  • smf-forum
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')