PHP remote file inclusion vulnerability in htmltemplate.php in the Chad Auld MOStlyContent Editor (MOStlyCE) as created on May 2006, a component for Mambo 4.5.4, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
References
Configurations
History
21 Nov 2024, 00:24
Type | Values Removed | Values Added |
---|---|---|
References | () http://securityreason.com/securityalert/2363 - | |
References | () http://www.securityfocus.com/archive/1/448786 - Exploit | |
References | () http://www.securityfocus.com/bid/20549 - Exploit | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/29598 - |
Information
Published : 2007-03-03 21:19
Updated : 2024-11-21 00:24
NVD link : CVE-2006-7104
Mitre link : CVE-2006-7104
CVE.ORG link : CVE-2006-7104
JSON object : View
Products Affected
mambo
- mostlyce
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')