PHP remote file inclusion vulnerability in smf.php in the SMF-Forum 1.3.1.3 Bridge Component (com_smf) For Joomla! and Mambo 4.5.3+ allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
References
Configurations
History
21 Nov 2024, 00:14
Type | Values Removed | Values Added |
---|---|---|
References | () http://forum.mamboserver.com/showthread.php?t=83001 - | |
References | () http://secunia.com/advisories/21079 - Vendor Advisory | |
References | () http://www.securityfocus.com/bid/18924 - | |
References | () http://www.vupen.com/english/advisories/2006/2846 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/27777 - | |
References | () https://www.exploit-db.com/exploits/2021 - |
Information
Published : 2006-07-24 12:19
Updated : 2024-11-21 00:14
NVD link : CVE-2006-3773
Mitre link : CVE-2006-3773
CVE.ORG link : CVE-2006-3773
JSON object : View
Products Affected
mambo
- smf-forum
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')