PHP remote file inclusion vulnerability in contxtd.class.php in the Contacts XTD (ContXTD) component for Mambo (com_contxtd) allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. NOTE: another researcher has disputed this issue, saying that the software prevents the attack by checking whether _VALID_MOS is defined
References
Configurations
History
07 Nov 2023, 01:59
Type | Values Removed | Values Added |
---|---|---|
Summary | PHP remote file inclusion vulnerability in contxtd.class.php in the Contacts XTD (ContXTD) component for Mambo (com_contxtd) allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. NOTE: another researcher has disputed this issue, saying that the software prevents the attack by checking whether _VALID_MOS is defined |
Information
Published : 2006-08-26 21:04
Updated : 2024-08-07 19:15
NVD link : CVE-2006-4375
Mitre link : CVE-2006-4375
CVE.ORG link : CVE-2006-4375
JSON object : View
Products Affected
mambo
- contacts_xtd_component
CWE