CVE-2006-5254

Mambo Component com_registration_detailed 4.1 - Remote File Inclusion

Severity Score

7.5

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

PHP remote file inclusion vulnerability in registration_detailed.inc.php in Mark Van Bellen Detailed User Registration (com_registration_detailed), aka regdetailed, 4.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.

Vulnerabilidad de inclusión remota de archivo en PHP en registration_detailed.inc.php en Mark Van Bellen Registro Detallado de Usuario (com_registration_detailed), también conocido como regdetailed 4.1 y versiones anteriores, permite a atacantes remotos ejecutar código PHP de su elección mediante una URL en el parámetro mosConfig_absolute_path.

*Credits: N/A

CVSS Scores

NISTv2 7.5

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2006-10-12 CVE Reserved
2006-10-12 CVE Published
2024-03-06 EPSS Updated
2024-08-07 CVE Updated
2024-08-07 First Exploit
---------- Exploited in Wild
---------- KEV Due Date

CWE

CAPEC

References (3)

URL	Tag	Source
https://exchange.xforce.ibmcloud.com/vulnerabilities/28982	Vdb Entry

URL	Date	SRC
https://www.exploit-db.com/exploits/2379	2024-08-07
http://www.securityfocus.com/bid/20072	2024-08-07

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Mamboxchange Search vendor "Mamboxchange"		Extended Registration Search vendor "Mamboxchange" for product "Extended Registration"				<= 4.1 Search vendor "Mamboxchange" for product "Extended Registration" and version " <= 4.1"		-		Affected