CVSS: 6.8EPSS: 7%CPEs: 1EXPL: 2CVE-2006-3846 – Mambo Component multibanners 1.0.1 - Remote File Inclusion
https://notcve.org/view.php?id=CVE-2006-3846
PHP remote file inclusion vulnerability in extadminmenus.class.php in the MultiBanners 1.0.1 for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. Vulnerabilidad de inclusión remota de archivo en PHP en extadminmenus.class.php de MultiBanners 1.0.1 para Mambo permite a atacantes remotos ejecutar código PHP de su elección mediante una URL en el parámetro mosConfig_absolute_path. • https://www.exploit-db.com/exploits/2066 http://secunia.com/advisories/21168 http://securityreason.com/securityalert/1277 http://solpotcrew.org/adv/BlueSpy-adv-multibanners.txt http://www.securityfocus.com/archive/1/440881/100/0/threaded http://www.securityfocus.com/bid/19100 http://www.vupen.com/english/advisories/2006/2933 https://exchange.xforce.ibmcloud.com/vulnerabilities/27916 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 5%CPEs: 1EXPL: 2CVE-2006-3843 – Mambo Module Calendar 1.5.7 - 'Com_Calendar.php' Remote File Inclusion
https://notcve.org/view.php?id=CVE-2006-3843
PHP remote file inclusion vulnerability in com_calendar.php in Calendar Mambo Module 1.5.7 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the absolute_path parameter. Vulnerabilidad PHP de inclusión remota de archivo en com_calendar.php en Calendar Mambo Module 1.5.7 y anteriores permite a atacantes remotos ejecutar código PHP de su elección a través de una URL en el parámetro absolute_path. • https://www.exploit-db.com/exploits/28233 http://securityreason.com/securityalert/1272 http://www.securityfocus.com/archive/1/440407/100/0/threaded http://www.securityfocus.com/bid/19027 •
CVSS: 6.8EPSS: 8%CPEs: 1EXPL: 1CVE-2006-3773 – Mambo Component SMF Forum 1.3.1.3 - Remote File Inclusion
https://notcve.org/view.php?id=CVE-2006-3773
PHP remote file inclusion vulnerability in smf.php in the SMF-Forum 1.3.1.3 Bridge Component (com_smf) For Joomla! and Mambo 4.5.3+ allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. Vulnerabilidad PHP de inclusión remota de archivo en smf.php en SMF-Forum 1.3.1.3 Bridge Component (com_smf) para Joomla! y Mambo 4.5.3+ permite a atacantes remotos ejecutar código PHP a través de una URL en el parámetro mosConfig_absolute_path. • https://www.exploit-db.com/exploits/2021 http://forum.mamboserver.com/showthread.php?t=83001 http://secunia.com/advisories/21079 http://www.securityfocus.com/bid/18924 http://www.vupen.com/english/advisories/2006/2846 https://exchange.xforce.ibmcloud.com/vulnerabilities/27777 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.8EPSS: 7%CPEs: 1EXPL: 4CVE-2006-3749 – Mambo Component Sitemap 2.0.0 - Remote File Inclusion
https://notcve.org/view.php?id=CVE-2006-3749
PHP remote file inclusion vulnerability in sitemap.xml.php in Sitemap component (com_sitemap) 2.0.0 for Mambo 4.5.1 CMS, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. Vulnerabilidad de inclusión remota de archivo en PHP en sitemap.xml.php en Sitemap component (com_sitemap) 2.0.0 para Mambo 4.5.1 CMS, cuando register_globals está habiliado, permite a atacantes remotos ejecutar código PHP de su elección a través de una URL en el parámetro mosConfig_absolute_path. • https://www.exploit-db.com/exploits/2028 http://advisories.echo.or.id/adv/adv38-matdhule-2006.txt http://archives.neohapsis.com/archives/bugtraq/2006-07/0180.html http://secunia.com/advisories/21055 http://securityreason.com/securityalert/1249 http://www.securityfocus.com/bid/18991 http://www.securityfocus.com/bid/24592 http://www.vupen.com/english/advisories/2006/2803 https://exchange.xforce.ibmcloud.com/vulnerabilities/27723 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 6%CPEs: 3EXPL: 1CVE-2006-3736 – Mambo Component com_videodb 0.3en - Remote File Inclusion
https://notcve.org/view.php?id=CVE-2006-3736
PHP remote file inclusion vulnerability in core/videodb.class.xml.php in the VideoDB component for Mambo 0.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. Vulnerabilidad de inclusión remota de archivo en PHP en core/videodb.class.xml.php en el componente VideoDB para Mambo 0.3 y anteriores permite a atacantes remotos ejecutar código PHP de su elección a través de una URL en el parámetro mosConfig_absolute_path. • https://www.exploit-db.com/exploits/2020 http://secunia.com/advisories/21082 http://www.securityfocus.com/bid/19049 http://www.vupen.com/english/advisories/2006/2845 https://exchange.xforce.ibmcloud.com/vulnerabilities/27778 •