Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    30 vulnerabilities by mamboxchange

    CVE-2008-0500 (GCVE-0-2008-0500)

    Vulnerability from nvd – Published: 2008-01-30 21:00 – Updated: 2024-08-07 07:46
    VLAI
    Summary
    Multiple unspecified vulnerabilities in Mambo LaiThai 4.5.5 have unknown impact and attack vectors related to (1) mod_login and (2) mod_template_chooser.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/27483 vdb-entryx_refsource_BID
    http://secunia.com/advisories/28652 third-party-advisoryx_refsource_SECUNIA
    http://sourceforge.net/project/shownotes.php?grou… x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2008/0316 vdb-entryx_refsource_VUPEN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2008-01-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T07:46:55.050Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "27483",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/27483"
              },
              {
                "name": "28652",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/28652"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://sourceforge.net/project/shownotes.php?group_id=192544\u0026release_id=571300"
              },
              {
                "name": "ADV-2008-0316",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/0316"
              },
              {
                "name": "mambo-laithai-multiple-unspecified(40014)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40014"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-01-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple unspecified vulnerabilities in Mambo LaiThai 4.5.5 have unknown impact and attack vectors related to (1) mod_login and (2) mod_template_chooser."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-07T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "27483",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/27483"
            },
            {
              "name": "28652",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/28652"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://sourceforge.net/project/shownotes.php?group_id=192544\u0026release_id=571300"
            },
            {
              "name": "ADV-2008-0316",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/0316"
            },
            {
              "name": "mambo-laithai-multiple-unspecified(40014)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40014"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-0500",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple unspecified vulnerabilities in Mambo LaiThai 4.5.5 have unknown impact and attack vectors related to (1) mod_login and (2) mod_template_chooser."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "27483",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/27483"
                },
                {
                  "name": "28652",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/28652"
                },
                {
                  "name": "http://sourceforge.net/project/shownotes.php?group_id=192544\u0026release_id=571300",
                  "refsource": "CONFIRM",
                  "url": "http://sourceforge.net/project/shownotes.php?group_id=192544\u0026release_id=571300"
                },
                {
                  "name": "ADV-2008-0316",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/0316"
                },
                {
                  "name": "mambo-laithai-multiple-unspecified(40014)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40014"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-0500",
        "datePublished": "2008-01-30T21:00:00.000Z",
        "dateReserved": "2008-01-30T00:00:00.000Z",
        "dateUpdated": "2024-08-07T07:46:55.050Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-0499 (GCVE-0-2008-0499)

    Vulnerability from nvd – Published: 2008-01-30 21:00 – Updated: 2024-08-07 07:46
    VLAI
    Summary
    SQL injection vulnerability in Mambo LaiThai 4.5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/27483 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/28652 third-party-advisoryx_refsource_SECUNIA
    http://sourceforge.net/project/shownotes.php?grou… x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2008/0316 vdb-entryx_refsource_VUPEN
    Date Public
    2008-01-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T07:46:54.890Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "27483",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/27483"
              },
              {
                "name": "mambo-laithai-unspecified-sql-injection(40013)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40013"
              },
              {
                "name": "28652",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/28652"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://sourceforge.net/project/shownotes.php?group_id=192544\u0026release_id=571300"
              },
              {
                "name": "ADV-2008-0316",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/0316"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-01-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SQL injection vulnerability in Mambo LaiThai 4.5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-07T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "27483",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/27483"
            },
            {
              "name": "mambo-laithai-unspecified-sql-injection(40013)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40013"
            },
            {
              "name": "28652",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/28652"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://sourceforge.net/project/shownotes.php?group_id=192544\u0026release_id=571300"
            },
            {
              "name": "ADV-2008-0316",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/0316"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-0499",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SQL injection vulnerability in Mambo LaiThai 4.5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "27483",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/27483"
                },
                {
                  "name": "mambo-laithai-unspecified-sql-injection(40013)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40013"
                },
                {
                  "name": "28652",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/28652"
                },
                {
                  "name": "http://sourceforge.net/project/shownotes.php?group_id=192544\u0026release_id=571300",
                  "refsource": "CONFIRM",
                  "url": "http://sourceforge.net/project/shownotes.php?group_id=192544\u0026release_id=571300"
                },
                {
                  "name": "ADV-2008-0316",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/0316"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-0499",
        "datePublished": "2008-01-30T21:00:00.000Z",
        "dateReserved": "2008-01-30T00:00:00.000Z",
        "dateUpdated": "2024-08-07T07:46:54.890Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-1992 (GCVE-0-2007-1992)

    Vulnerability from nvd – Published: 2007-04-12 10:00 – Updated: 2024-08-07 13:13
    VLAI
    Summary
    Multiple PHP remote file inclusion vulnerabilities in the com_zoom 2.5 beta 2 and earlier module for Mambo allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) EXIF_Makernote.php or (2) EXIF.php in classes/iptc/.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2007/1353 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/23415 vdb-entryx_refsource_BID
    https://www.exploit-db.com/exploits/3706 exploitx_refsource_EXPLOIT-DB
    Date Public
    2007-04-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:13:42.054Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "zmg-exif-file-include(33580)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33580"
              },
              {
                "name": "ADV-2007-1353",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/1353"
              },
              {
                "name": "23415",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/23415"
              },
              {
                "name": "3706",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/3706"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-04-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple PHP remote file inclusion vulnerabilities in the com_zoom 2.5 beta 2 and earlier module for Mambo allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) EXIF_Makernote.php or (2) EXIF.php in classes/iptc/."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "zmg-exif-file-include(33580)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33580"
            },
            {
              "name": "ADV-2007-1353",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/1353"
            },
            {
              "name": "23415",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/23415"
            },
            {
              "name": "3706",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/3706"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-1992",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple PHP remote file inclusion vulnerabilities in the com_zoom 2.5 beta 2 and earlier module for Mambo allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) EXIF_Makernote.php or (2) EXIF.php in classes/iptc/."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "zmg-exif-file-include(33580)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33580"
                },
                {
                  "name": "ADV-2007-1353",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/1353"
                },
                {
                  "name": "23415",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/23415"
                },
                {
                  "name": "3706",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/3706"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-1992",
        "datePublished": "2007-04-12T10:00:00.000Z",
        "dateReserved": "2007-04-11T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:13:42.054Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-7092 (GCVE-0-2006-7092)

    Vulnerability from nvd – Published: 2007-02-28 00:00 – Updated: 2024-08-07 20:50
    VLAI
    Summary
    SQL injection vulnerability in includes/mambo.php in Mambo LaiThai 4.5.4 SP2 and earlier allows remote attackers to execute arbitrary SQL commands via the usercookie[password] cookie parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/20413 vdb-entryx_refsource_BID
    http://www.vupen.com/english/advisories/2006/3953 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/22263 third-party-advisoryx_refsource_SECUNIA
    http://mamboxchange.com/forum/forum.php?forum_id=7767 x_refsource_CONFIRM
    Date Public
    2006-10-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:50:06.226Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20413",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/20413"
              },
              {
                "name": "ADV-2006-3953",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3953"
              },
              {
                "name": "22263",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22263"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://mamboxchange.com/forum/forum.php?forum_id=7767"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-10-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SQL injection vulnerability in includes/mambo.php in Mambo LaiThai 4.5.4 SP2 and earlier allows remote attackers to execute arbitrary SQL commands via the usercookie[password] cookie parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2009-02-26T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20413",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/20413"
            },
            {
              "name": "ADV-2006-3953",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3953"
            },
            {
              "name": "22263",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22263"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://mamboxchange.com/forum/forum.php?forum_id=7767"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-7092",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SQL injection vulnerability in includes/mambo.php in Mambo LaiThai 4.5.4 SP2 and earlier allows remote attackers to execute arbitrary SQL commands via the usercookie[password] cookie parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20413",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/20413"
                },
                {
                  "name": "ADV-2006-3953",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/3953"
                },
                {
                  "name": "22263",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/22263"
                },
                {
                  "name": "http://mamboxchange.com/forum/forum.php?forum_id=7767",
                  "refsource": "CONFIRM",
                  "url": "http://mamboxchange.com/forum/forum.php?forum_id=7767"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-7092",
        "datePublished": "2007-02-28T00:00:00.000Z",
        "dateReserved": "2007-02-27T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:50:06.226Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-7093 (GCVE-0-2006-7093)

    Vulnerability from nvd – Published: 2007-02-28 00:00 – Updated: 2024-08-07 20:50
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in Mambo LaiThai 4.5.4 Security Patch 2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/20458/info vdb-entryx_refsource_BID
    http://www.vupen.com/english/advisories/2006/3953 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/22263 third-party-advisoryx_refsource_SECUNIA
    http://mamboxchange.com/forum/forum.php?forum_id=7767 x_refsource_CONFIRM
    Date Public
    2006-10-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:50:05.980Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20458",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/20458/info"
              },
              {
                "name": "ADV-2006-3953",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3953"
              },
              {
                "name": "22263",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22263"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://mamboxchange.com/forum/forum.php?forum_id=7767"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-10-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in Mambo LaiThai 4.5.4 Security Patch 2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2009-02-26T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20458",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/20458/info"
            },
            {
              "name": "ADV-2006-3953",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3953"
            },
            {
              "name": "22263",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22263"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://mamboxchange.com/forum/forum.php?forum_id=7767"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-7093",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in Mambo LaiThai 4.5.4 Security Patch 2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20458",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/20458/info"
                },
                {
                  "name": "ADV-2006-3953",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/3953"
                },
                {
                  "name": "22263",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/22263"
                },
                {
                  "name": "http://mamboxchange.com/forum/forum.php?forum_id=7767",
                  "refsource": "CONFIRM",
                  "url": "http://mamboxchange.com/forum/forum.php?forum_id=7767"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-7093",
        "datePublished": "2007-02-28T00:00:00.000Z",
        "dateReserved": "2007-02-27T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:50:05.980Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-6051 (GCVE-0-2006-6051)

    Vulnerability from nvd – Published: 2006-11-22 00:00 – Updated: 2024-08-07 20:12
    VLAI
    Summary
    PHP remote file inclusion vulnerability in reporter.logic.php in the MosReporter (com_reporter) component for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/451960/100… mailing-listx_refsource_BUGTRAQ
    https://www.exploit-db.com/exploits/2807 exploitx_refsource_EXPLOIT-DB
    http://www.securityfocus.com/bid/21160 vdb-entryx_refsource_BID
    Date Public
    2006-11-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:12:31.474Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "mosreporter-reporter-file-include(30410)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30410"
              },
              {
                "name": "20061117 MosReporter Joomla Component Remote File Inclusion Exploi",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/451960/100/0/threaded"
              },
              {
                "name": "2807",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/2807"
              },
              {
                "name": "21160",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/21160"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-11-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "PHP remote file inclusion vulnerability in reporter.logic.php in the MosReporter (com_reporter) component for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "mosreporter-reporter-file-include(30410)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30410"
            },
            {
              "name": "20061117 MosReporter Joomla Component Remote File Inclusion Exploi",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/451960/100/0/threaded"
            },
            {
              "name": "2807",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/2807"
            },
            {
              "name": "21160",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/21160"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-6051",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "PHP remote file inclusion vulnerability in reporter.logic.php in the MosReporter (com_reporter) component for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "mosreporter-reporter-file-include(30410)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30410"
                },
                {
                  "name": "20061117 MosReporter Joomla Component Remote File Inclusion Exploi",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/451960/100/0/threaded"
                },
                {
                  "name": "2807",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/2807"
                },
                {
                  "name": "21160",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/21160"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-6051",
        "datePublished": "2006-11-22T00:00:00.000Z",
        "dateReserved": "2006-11-21T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:12:31.474Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-5254 (GCVE-0-2006-5254)

    Vulnerability from nvd – Published: 2006-10-12 22:00 – Updated: 2024-08-07 19:41
    VLAI
    Summary
    PHP remote file inclusion vulnerability in registration_detailed.inc.php in Mark Van Bellen Detailed User Registration (com_registration_detailed), aka regdetailed, 4.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    https://www.exploit-db.com/exploits/2379 exploitx_refsource_EXPLOIT-DB
    http://www.securityfocus.com/bid/20072 vdb-entryx_refsource_BID
    Date Public
    2006-09-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:41:05.159Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "registration-detailed-file-include(28982)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28982"
              },
              {
                "name": "2379",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/2379"
              },
              {
                "name": "20072",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/20072"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-09-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "PHP remote file inclusion vulnerability in registration_detailed.inc.php in Mark Van Bellen Detailed User Registration (com_registration_detailed), aka regdetailed, 4.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-18T16:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "registration-detailed-file-include(28982)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28982"
            },
            {
              "name": "2379",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/2379"
            },
            {
              "name": "20072",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/20072"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-5254",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "PHP remote file inclusion vulnerability in registration_detailed.inc.php in Mark Van Bellen Detailed User Registration (com_registration_detailed), aka regdetailed, 4.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "registration-detailed-file-include(28982)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28982"
                },
                {
                  "name": "2379",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/2379"
                },
                {
                  "name": "20072",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/20072"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-5254",
        "datePublished": "2006-10-12T22:00:00.000Z",
        "dateReserved": "2006-10-12T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:41:05.159Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-4858 (GCVE-0-2006-4858)

    Vulnerability from nvd – Published: 2006-09-19 18:00 – Updated: 2024-08-07 19:23
    VLAI
    Summary
    PHP remote file inclusion vulnerability in install.serverstat.php in the Serverstat (com_serverstat) 0.4.4 and earlier component for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.vupen.com/english/advisories/2006/3610 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/20018 vdb-entryx_refsource_BID
    http://securityreason.com/securityalert/1598 third-party-advisoryx_refsource_SREASON
    http://secunia.com/advisories/21943 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/446110/100… mailing-listx_refsource_BUGTRAQ
    https://www.exploit-db.com/exploits/2367 exploitx_refsource_EXPLOIT-DB
    Date Public
    2006-09-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:23:41.328Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2006-3610",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3610"
              },
              {
                "name": "20018",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/20018"
              },
              {
                "name": "1598",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1598"
              },
              {
                "name": "21943",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21943"
              },
              {
                "name": "serverstat-install-file-include(28959)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28959"
              },
              {
                "name": "20060914 Mambo com_serverstat Component \u003c=0.4.4 Remote File Include Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/446110/100/0/threaded"
              },
              {
                "name": "2367",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/2367"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-09-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "PHP remote file inclusion vulnerability in install.serverstat.php in the Serverstat (com_serverstat) 0.4.4 and earlier component for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ADV-2006-3610",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3610"
            },
            {
              "name": "20018",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/20018"
            },
            {
              "name": "1598",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1598"
            },
            {
              "name": "21943",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21943"
            },
            {
              "name": "serverstat-install-file-include(28959)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28959"
            },
            {
              "name": "20060914 Mambo com_serverstat Component \u003c=0.4.4 Remote File Include Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/446110/100/0/threaded"
            },
            {
              "name": "2367",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/2367"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-4858",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "PHP remote file inclusion vulnerability in install.serverstat.php in the Serverstat (com_serverstat) 0.4.4 and earlier component for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2006-3610",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/3610"
                },
                {
                  "name": "20018",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/20018"
                },
                {
                  "name": "1598",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1598"
                },
                {
                  "name": "21943",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/21943"
                },
                {
                  "name": "serverstat-install-file-include(28959)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28959"
                },
                {
                  "name": "20060914 Mambo com_serverstat Component \u003c=0.4.4 Remote File Include Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/446110/100/0/threaded"
                },
                {
                  "name": "2367",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/2367"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-4858",
        "datePublished": "2006-09-19T18:00:00.000Z",
        "dateReserved": "2006-09-19T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:23:41.328Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-4282 (GCVE-0-2006-4282)

    Vulnerability from nvd – Published: 2006-08-22 17:00 – Updated: 2024-08-07 19:06
    VLAI
    Summary
    PHP remote file inclusion vulnerability in MamboLogin.php in the MamboWiki component (com_mambowiki) 0.9.6 and earlier for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the IP parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2006-08-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:06:07.582Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20060818 Joomla MamboWiki Component \u003c= 0.9.4 (MamboLogin.php) Remote File Inclusion Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/443706/100/0/threaded"
              },
              {
                "name": "19594",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19594"
              },
              {
                "name": "1436",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1436"
              },
              {
                "name": "mambowiki-mambologin-file-include(28463)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28463"
              },
              {
                "name": "2213",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/2213"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.lyquidity.com/mambo/index.php?option=com_mambowiki\u0026Itemid=134"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-08-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "PHP remote file inclusion vulnerability in MamboLogin.php in the MamboWiki component (com_mambowiki) 0.9.6 and earlier for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the IP parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20060818 Joomla MamboWiki Component \u003c= 0.9.4 (MamboLogin.php) Remote File Inclusion Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/443706/100/0/threaded"
            },
            {
              "name": "19594",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19594"
            },
            {
              "name": "1436",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1436"
            },
            {
              "name": "mambowiki-mambologin-file-include(28463)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28463"
            },
            {
              "name": "2213",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/2213"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.lyquidity.com/mambo/index.php?option=com_mambowiki\u0026Itemid=134"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-4282",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "PHP remote file inclusion vulnerability in MamboLogin.php in the MamboWiki component (com_mambowiki) 0.9.6 and earlier for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the IP parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20060818 Joomla MamboWiki Component \u003c= 0.9.4 (MamboLogin.php) Remote File Inclusion Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/443706/100/0/threaded"
                },
                {
                  "name": "19594",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/19594"
                },
                {
                  "name": "1436",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1436"
                },
                {
                  "name": "mambowiki-mambologin-file-include(28463)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28463"
                },
                {
                  "name": "2213",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/2213"
                },
                {
                  "name": "http://www.lyquidity.com/mambo/index.php?option=com_mambowiki\u0026Itemid=134",
                  "refsource": "MISC",
                  "url": "http://www.lyquidity.com/mambo/index.php?option=com_mambowiki\u0026Itemid=134"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-4282",
        "datePublished": "2006-08-22T17:00:00.000Z",
        "dateReserved": "2006-08-22T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:06:07.582Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-4241 (GCVE-0-2006-4241)

    Vulnerability from nvd – Published: 2006-08-21 18:00 – Updated: 2024-08-07 19:06
    VLAI
    Summary
    PHP remote file inclusion vulnerability in processor/reporter.sql.php in the Reporter Mambo component (com_reporter) allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securityreason.com/securityalert/1419 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/archive/1/443373/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/19553 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2006-08-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:06:07.104Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1419",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1419"
              },
              {
                "name": "20060816 Reporter Mambo Component Remote File \u0026#304;nclude",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/443373/100/0/threaded"
              },
              {
                "name": "19553",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19553"
              },
              {
                "name": "reporter-reporter-sql-file-include(28412)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28412"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-08-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "PHP remote file inclusion vulnerability in processor/reporter.sql.php in the Reporter Mambo component (com_reporter) allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1419",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1419"
            },
            {
              "name": "20060816 Reporter Mambo Component Remote File \u0026#304;nclude",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/443373/100/0/threaded"
            },
            {
              "name": "19553",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19553"
            },
            {
              "name": "reporter-reporter-sql-file-include(28412)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28412"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-4241",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "PHP remote file inclusion vulnerability in processor/reporter.sql.php in the Reporter Mambo component (com_reporter) allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1419",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1419"
                },
                {
                  "name": "20060816 Reporter Mambo Component Remote File \u0026#304;nclude",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/443373/100/0/threaded"
                },
                {
                  "name": "19553",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/19553"
                },
                {
                  "name": "reporter-reporter-sql-file-include(28412)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28412"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-4241",
        "datePublished": "2006-08-21T18:00:00.000Z",
        "dateReserved": "2006-08-21T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:06:07.104Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-4195 (GCVE-0-2006-4195)

    Vulnerability from nvd – Published: 2006-08-17 21:00 – Updated: 2024-08-07 18:57
    VLAI
    Summary
    PHP remote file inclusion vulnerability in param.peoplebook.php in the Peoplebook Component for Mambo (com_peoplebook) 1.0 and earlier, and possibly 1.1.2, when register_globals and allow_url_fopen are enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.vupen.com/english/advisories/2006/3277 vdb-entryx_refsource_VUPEN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/21470 third-party-advisoryx_refsource_SECUNIA
    https://www.exploit-db.com/exploits/2184 exploitx_refsource_EXPLOIT-DB
    http://securityreason.com/securityalert/1406 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/archive/1/443201/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/19505 vdb-entryx_refsource_BID
    Date Public
    2006-08-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T18:57:46.438Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2006-3277",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3277"
              },
              {
                "name": "peoplebook-param-file-include(28359)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28359"
              },
              {
                "name": "21470",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21470"
              },
              {
                "name": "2184",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/2184"
              },
              {
                "name": "1406",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1406"
              },
              {
                "name": "20060814 Peoplebook Mambo Component \u003c= v1.0 Remote File Include Vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/443201/100/0/threaded"
              },
              {
                "name": "19505",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19505"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-08-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "PHP remote file inclusion vulnerability in param.peoplebook.php in the Peoplebook Component for Mambo (com_peoplebook) 1.0 and earlier, and possibly 1.1.2, when register_globals and allow_url_fopen are enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ADV-2006-3277",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3277"
            },
            {
              "name": "peoplebook-param-file-include(28359)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28359"
            },
            {
              "name": "21470",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21470"
            },
            {
              "name": "2184",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/2184"
            },
            {
              "name": "1406",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1406"
            },
            {
              "name": "20060814 Peoplebook Mambo Component \u003c= v1.0 Remote File Include Vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/443201/100/0/threaded"
            },
            {
              "name": "19505",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19505"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-4195",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "PHP remote file inclusion vulnerability in param.peoplebook.php in the Peoplebook Component for Mambo (com_peoplebook) 1.0 and earlier, and possibly 1.1.2, when register_globals and allow_url_fopen are enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2006-3277",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/3277"
                },
                {
                  "name": "peoplebook-param-file-include(28359)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28359"
                },
                {
                  "name": "21470",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/21470"
                },
                {
                  "name": "2184",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/2184"
                },
                {
                  "name": "1406",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1406"
                },
                {
                  "name": "20060814 Peoplebook Mambo Component \u003c= v1.0 Remote File Include Vulnerabilities",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/443201/100/0/threaded"
                },
                {
                  "name": "19505",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/19505"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-4195",
        "datePublished": "2006-08-17T21:00:00.000Z",
        "dateReserved": "2006-08-17T00:00:00.000Z",
        "dateUpdated": "2024-08-07T18:57:46.438Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-4203 (GCVE-0-2006-4203)

    Vulnerability from nvd – Published: 2006-08-17 21:00 – Updated: 2024-08-07 18:57
    VLAI
    Summary
    PHP remote file inclusion vulnerability in help.mmp.php in the MMP Component (com_mmp) 1.2 and earlier for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.vupen.com/english/advisories/2006/3278 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/19502 vdb-entryx_refsource_BID
    http://secunia.com/advisories/21479 third-party-advisoryx_refsource_SECUNIA
    https://www.exploit-db.com/exploits/2182 exploitx_refsource_EXPLOIT-DB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2006-08-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T18:57:46.515Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2006-3278",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3278"
              },
              {
                "name": "19502",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19502"
              },
              {
                "name": "21479",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21479"
              },
              {
                "name": "2182",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/2182"
              },
              {
                "name": "commmp-help-file-include(28361)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28361"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-08-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "PHP remote file inclusion vulnerability in help.mmp.php in the MMP Component (com_mmp) 1.2 and earlier for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-18T16:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ADV-2006-3278",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3278"
            },
            {
              "name": "19502",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19502"
            },
            {
              "name": "21479",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21479"
            },
            {
              "name": "2182",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/2182"
            },
            {
              "name": "commmp-help-file-include(28361)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28361"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-4203",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "PHP remote file inclusion vulnerability in help.mmp.php in the MMP Component (com_mmp) 1.2 and earlier for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2006-3278",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/3278"
                },
                {
                  "name": "19502",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/19502"
                },
                {
                  "name": "21479",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/21479"
                },
                {
                  "name": "2182",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/2182"
                },
                {
                  "name": "commmp-help-file-include(28361)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28361"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-4203",
        "datePublished": "2006-08-17T21:00:00.000Z",
        "dateReserved": "2006-08-17T00:00:00.000Z",
        "dateUpdated": "2024-08-07T18:57:46.515Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-3930 (GCVE-0-2006-3930)

    Vulnerability from nvd – Published: 2006-07-31 21:00 – Updated: 2024-08-07 18:48
    VLAI
    Summary
    PHP remote file inclusion vulnerability in admin.a6mambohelpdesk.php in a6mambohelpdesk Mambo Component 18RC1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.osvdb.org/27654 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/19198 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/441286/100… mailing-listx_refsource_BUGTRAQ
    http://securityreason.com/securityalert/1309 third-party-advisoryx_refsource_SREASON
    http://secunia.com/advisories/21227 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2006/3015 vdb-entryx_refsource_VUPEN
    https://www.exploit-db.com/exploits/2078 exploitx_refsource_EXPLOIT-DB
    Date Public
    2006-07-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T18:48:39.413Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "27654",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/27654"
              },
              {
                "name": "a6mambohelpdesk-admina6mambo-file-include(28054)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28054"
              },
              {
                "name": "19198",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19198"
              },
              {
                "name": "20060727 a6mambohelpdesk Mambo Component \u003c= 18RC1 Remote Include Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/441286/100/0/threaded"
              },
              {
                "name": "1309",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1309"
              },
              {
                "name": "21227",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21227"
              },
              {
                "name": "ADV-2006-3015",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3015"
              },
              {
                "name": "2078",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/2078"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-07-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "PHP remote file inclusion vulnerability in admin.a6mambohelpdesk.php in a6mambohelpdesk Mambo Component 18RC1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "27654",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/27654"
            },
            {
              "name": "a6mambohelpdesk-admina6mambo-file-include(28054)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28054"
            },
            {
              "name": "19198",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19198"
            },
            {
              "name": "20060727 a6mambohelpdesk Mambo Component \u003c= 18RC1 Remote Include Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/441286/100/0/threaded"
            },
            {
              "name": "1309",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1309"
            },
            {
              "name": "21227",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21227"
            },
            {
              "name": "ADV-2006-3015",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3015"
            },
            {
              "name": "2078",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/2078"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-3930",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "PHP remote file inclusion vulnerability in admin.a6mambohelpdesk.php in a6mambohelpdesk Mambo Component 18RC1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "27654",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/27654"
                },
                {
                  "name": "a6mambohelpdesk-admina6mambo-file-include(28054)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28054"
                },
                {
                  "name": "19198",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/19198"
                },
                {
                  "name": "20060727 a6mambohelpdesk Mambo Component \u003c= 18RC1 Remote Include Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/441286/100/0/threaded"
                },
                {
                  "name": "1309",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1309"
                },
                {
                  "name": "21227",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/21227"
                },
                {
                  "name": "ADV-2006-3015",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/3015"
                },
                {
                  "name": "2078",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/2078"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-3930",
        "datePublished": "2006-07-31T21:00:00.000Z",
        "dateReserved": "2006-07-31T00:00:00.000Z",
        "dateUpdated": "2024-08-07T18:48:39.413Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-3748 (GCVE-0-2006-3748)

    Vulnerability from nvd – Published: 2006-07-20 23:00 – Updated: 2024-08-07 18:39
    VLAI
    Summary
    PHP remote file inclusion vulnerability in includes/abbc/abbc.class.php in the LoudMouth Component for Mambo 4.0j, and possibly other versions including 4.1, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/21077 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/19044 vdb-entryx_refsource_BID
    http://www.vupen.com/english/advisories/2006/2844 vdb-entryx_refsource_VUPEN
    https://www.exploit-db.com/exploits/2023 exploitx_refsource_EXPLOIT-DB
    Date Public
    2006-07-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T18:39:54.025Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "21077",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21077"
              },
              {
                "name": "loudmouth-class-file-include(27772)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27772"
              },
              {
                "name": "19044",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19044"
              },
              {
                "name": "ADV-2006-2844",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/2844"
              },
              {
                "name": "2023",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/2023"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-07-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "PHP remote file inclusion vulnerability in includes/abbc/abbc.class.php in the LoudMouth Component for Mambo 4.0j, and possibly other versions including 4.1, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-18T16:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "21077",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21077"
            },
            {
              "name": "loudmouth-class-file-include(27772)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27772"
            },
            {
              "name": "19044",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19044"
            },
            {
              "name": "ADV-2006-2844",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/2844"
            },
            {
              "name": "2023",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/2023"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-3748",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "PHP remote file inclusion vulnerability in includes/abbc/abbc.class.php in the LoudMouth Component for Mambo 4.0j, and possibly other versions including 4.1, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "21077",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/21077"
                },
                {
                  "name": "loudmouth-class-file-include(27772)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27772"
                },
                {
                  "name": "19044",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/19044"
                },
                {
                  "name": "ADV-2006-2844",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/2844"
                },
                {
                  "name": "2023",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/2023"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-3748",
        "datePublished": "2006-07-20T23:00:00.000Z",
        "dateReserved": "2006-07-20T00:00:00.000Z",
        "dateUpdated": "2024-08-07T18:39:54.025Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-3528 (GCVE-0-2006-3528)

    Vulnerability from nvd – Published: 2006-07-12 00:00 – Updated: 2024-08-07 18:30
    VLAI
    Summary
    Multiple PHP remote file inclusion vulnerabilities in Simpleboard Mambo module 1.1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the sbp parameter to (1) image_upload.php and (2) file_upload.php.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/445716/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/18917 vdb-entryx_refsource_BID
    http://marc.info/?l=bugtraq&m=115876919804966&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.osvdb.org/28531 vdb-entryx_refsource_OSVDB
    http://securitytracker.com/id?1016824 vdb-entryx_refsource_SECTRACK
    http://www.vupen.com/english/advisories/2006/2716 vdb-entryx_refsource_VUPEN
    https://www.exploit-db.com/exploits/1994 exploitx_refsource_EXPLOIT-DB
    http://www.osvdb.org/27421 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/20981 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2006-07-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T18:30:34.115Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20060909 SimpleBoard Mambo Component 1.1.0 Remote File Include",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/445716/100/0/threaded"
              },
              {
                "name": "18917",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/18917"
              },
              {
                "name": "20060920 Re: SimpleBoard Mambo Component 1.1.0 Remote File Include",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=115876919804966\u0026w=2"
              },
              {
                "name": "28531",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/28531"
              },
              {
                "name": "1016824",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1016824"
              },
              {
                "name": "ADV-2006-2716",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/2716"
              },
              {
                "name": "1994",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/1994"
              },
              {
                "name": "27421",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/27421"
              },
              {
                "name": "20981",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20981"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-07-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple PHP remote file inclusion vulnerabilities in Simpleboard Mambo module 1.1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the sbp parameter to (1) image_upload.php and (2) file_upload.php."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20060909 SimpleBoard Mambo Component 1.1.0 Remote File Include",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/445716/100/0/threaded"
            },
            {
              "name": "18917",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/18917"
            },
            {
              "name": "20060920 Re: SimpleBoard Mambo Component 1.1.0 Remote File Include",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=115876919804966\u0026w=2"
            },
            {
              "name": "28531",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/28531"
            },
            {
              "name": "1016824",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1016824"
            },
            {
              "name": "ADV-2006-2716",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/2716"
            },
            {
              "name": "1994",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/1994"
            },
            {
              "name": "27421",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/27421"
            },
            {
              "name": "20981",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20981"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-3528",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple PHP remote file inclusion vulnerabilities in Simpleboard Mambo module 1.1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the sbp parameter to (1) image_upload.php and (2) file_upload.php."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20060909 SimpleBoard Mambo Component 1.1.0 Remote File Include",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/445716/100/0/threaded"
                },
                {
                  "name": "18917",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/18917"
                },
                {
                  "name": "20060920 Re: SimpleBoard Mambo Component 1.1.0 Remote File Include",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=115876919804966\u0026w=2"
                },
                {
                  "name": "28531",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/28531"
                },
                {
                  "name": "1016824",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1016824"
                },
                {
                  "name": "ADV-2006-2716",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/2716"
                },
                {
                  "name": "1994",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/1994"
                },
                {
                  "name": "27421",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/27421"
                },
                {
                  "name": "20981",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/20981"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-3528",
        "datePublished": "2006-07-12T00:00:00.000Z",
        "dateReserved": "2006-07-11T00:00:00.000Z",
        "dateUpdated": "2024-08-07T18:30:34.115Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-0500 (GCVE-0-2008-0500)

    Vulnerability from cvelistv5 – Published: 2008-01-30 21:00 – Updated: 2024-08-07 07:46
    VLAI
    Summary
    Multiple unspecified vulnerabilities in Mambo LaiThai 4.5.5 have unknown impact and attack vectors related to (1) mod_login and (2) mod_template_chooser.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/27483 vdb-entryx_refsource_BID
    http://secunia.com/advisories/28652 third-party-advisoryx_refsource_SECUNIA
    http://sourceforge.net/project/shownotes.php?grou… x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2008/0316 vdb-entryx_refsource_VUPEN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2008-01-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T07:46:55.050Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "27483",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/27483"
              },
              {
                "name": "28652",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/28652"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://sourceforge.net/project/shownotes.php?group_id=192544\u0026release_id=571300"
              },
              {
                "name": "ADV-2008-0316",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/0316"
              },
              {
                "name": "mambo-laithai-multiple-unspecified(40014)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40014"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-01-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple unspecified vulnerabilities in Mambo LaiThai 4.5.5 have unknown impact and attack vectors related to (1) mod_login and (2) mod_template_chooser."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-07T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "27483",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/27483"
            },
            {
              "name": "28652",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/28652"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://sourceforge.net/project/shownotes.php?group_id=192544\u0026release_id=571300"
            },
            {
              "name": "ADV-2008-0316",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/0316"
            },
            {
              "name": "mambo-laithai-multiple-unspecified(40014)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40014"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-0500",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple unspecified vulnerabilities in Mambo LaiThai 4.5.5 have unknown impact and attack vectors related to (1) mod_login and (2) mod_template_chooser."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "27483",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/27483"
                },
                {
                  "name": "28652",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/28652"
                },
                {
                  "name": "http://sourceforge.net/project/shownotes.php?group_id=192544\u0026release_id=571300",
                  "refsource": "CONFIRM",
                  "url": "http://sourceforge.net/project/shownotes.php?group_id=192544\u0026release_id=571300"
                },
                {
                  "name": "ADV-2008-0316",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/0316"
                },
                {
                  "name": "mambo-laithai-multiple-unspecified(40014)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40014"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-0500",
        "datePublished": "2008-01-30T21:00:00.000Z",
        "dateReserved": "2008-01-30T00:00:00.000Z",
        "dateUpdated": "2024-08-07T07:46:55.050Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-0499 (GCVE-0-2008-0499)

    Vulnerability from cvelistv5 – Published: 2008-01-30 21:00 – Updated: 2024-08-07 07:46
    VLAI
    Summary
    SQL injection vulnerability in Mambo LaiThai 4.5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/27483 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/28652 third-party-advisoryx_refsource_SECUNIA
    http://sourceforge.net/project/shownotes.php?grou… x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2008/0316 vdb-entryx_refsource_VUPEN
    Date Public
    2008-01-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T07:46:54.890Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "27483",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/27483"
              },
              {
                "name": "mambo-laithai-unspecified-sql-injection(40013)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40013"
              },
              {
                "name": "28652",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/28652"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://sourceforge.net/project/shownotes.php?group_id=192544\u0026release_id=571300"
              },
              {
                "name": "ADV-2008-0316",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/0316"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-01-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SQL injection vulnerability in Mambo LaiThai 4.5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-07T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "27483",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/27483"
            },
            {
              "name": "mambo-laithai-unspecified-sql-injection(40013)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40013"
            },
            {
              "name": "28652",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/28652"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://sourceforge.net/project/shownotes.php?group_id=192544\u0026release_id=571300"
            },
            {
              "name": "ADV-2008-0316",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/0316"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-0499",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SQL injection vulnerability in Mambo LaiThai 4.5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "27483",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/27483"
                },
                {
                  "name": "mambo-laithai-unspecified-sql-injection(40013)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40013"
                },
                {
                  "name": "28652",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/28652"
                },
                {
                  "name": "http://sourceforge.net/project/shownotes.php?group_id=192544\u0026release_id=571300",
                  "refsource": "CONFIRM",
                  "url": "http://sourceforge.net/project/shownotes.php?group_id=192544\u0026release_id=571300"
                },
                {
                  "name": "ADV-2008-0316",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/0316"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-0499",
        "datePublished": "2008-01-30T21:00:00.000Z",
        "dateReserved": "2008-01-30T00:00:00.000Z",
        "dateUpdated": "2024-08-07T07:46:54.890Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-1992 (GCVE-0-2007-1992)

    Vulnerability from cvelistv5 – Published: 2007-04-12 10:00 – Updated: 2024-08-07 13:13
    VLAI
    Summary
    Multiple PHP remote file inclusion vulnerabilities in the com_zoom 2.5 beta 2 and earlier module for Mambo allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) EXIF_Makernote.php or (2) EXIF.php in classes/iptc/.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2007/1353 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/23415 vdb-entryx_refsource_BID
    https://www.exploit-db.com/exploits/3706 exploitx_refsource_EXPLOIT-DB
    Date Public
    2007-04-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:13:42.054Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "zmg-exif-file-include(33580)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33580"
              },
              {
                "name": "ADV-2007-1353",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/1353"
              },
              {
                "name": "23415",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/23415"
              },
              {
                "name": "3706",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/3706"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-04-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple PHP remote file inclusion vulnerabilities in the com_zoom 2.5 beta 2 and earlier module for Mambo allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) EXIF_Makernote.php or (2) EXIF.php in classes/iptc/."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "zmg-exif-file-include(33580)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33580"
            },
            {
              "name": "ADV-2007-1353",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/1353"
            },
            {
              "name": "23415",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/23415"
            },
            {
              "name": "3706",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/3706"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-1992",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple PHP remote file inclusion vulnerabilities in the com_zoom 2.5 beta 2 and earlier module for Mambo allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) EXIF_Makernote.php or (2) EXIF.php in classes/iptc/."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "zmg-exif-file-include(33580)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33580"
                },
                {
                  "name": "ADV-2007-1353",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/1353"
                },
                {
                  "name": "23415",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/23415"
                },
                {
                  "name": "3706",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/3706"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-1992",
        "datePublished": "2007-04-12T10:00:00.000Z",
        "dateReserved": "2007-04-11T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:13:42.054Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-7092 (GCVE-0-2006-7092)

    Vulnerability from cvelistv5 – Published: 2007-02-28 00:00 – Updated: 2024-08-07 20:50
    VLAI
    Summary
    SQL injection vulnerability in includes/mambo.php in Mambo LaiThai 4.5.4 SP2 and earlier allows remote attackers to execute arbitrary SQL commands via the usercookie[password] cookie parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/20413 vdb-entryx_refsource_BID
    http://www.vupen.com/english/advisories/2006/3953 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/22263 third-party-advisoryx_refsource_SECUNIA
    http://mamboxchange.com/forum/forum.php?forum_id=7767 x_refsource_CONFIRM
    Date Public
    2006-10-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:50:06.226Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20413",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/20413"
              },
              {
                "name": "ADV-2006-3953",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3953"
              },
              {
                "name": "22263",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22263"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://mamboxchange.com/forum/forum.php?forum_id=7767"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-10-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SQL injection vulnerability in includes/mambo.php in Mambo LaiThai 4.5.4 SP2 and earlier allows remote attackers to execute arbitrary SQL commands via the usercookie[password] cookie parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2009-02-26T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20413",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/20413"
            },
            {
              "name": "ADV-2006-3953",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3953"
            },
            {
              "name": "22263",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22263"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://mamboxchange.com/forum/forum.php?forum_id=7767"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-7092",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SQL injection vulnerability in includes/mambo.php in Mambo LaiThai 4.5.4 SP2 and earlier allows remote attackers to execute arbitrary SQL commands via the usercookie[password] cookie parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20413",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/20413"
                },
                {
                  "name": "ADV-2006-3953",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/3953"
                },
                {
                  "name": "22263",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/22263"
                },
                {
                  "name": "http://mamboxchange.com/forum/forum.php?forum_id=7767",
                  "refsource": "CONFIRM",
                  "url": "http://mamboxchange.com/forum/forum.php?forum_id=7767"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-7092",
        "datePublished": "2007-02-28T00:00:00.000Z",
        "dateReserved": "2007-02-27T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:50:06.226Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-7093 (GCVE-0-2006-7093)

    Vulnerability from cvelistv5 – Published: 2007-02-28 00:00 – Updated: 2024-08-07 20:50
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in Mambo LaiThai 4.5.4 Security Patch 2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/20458/info vdb-entryx_refsource_BID
    http://www.vupen.com/english/advisories/2006/3953 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/22263 third-party-advisoryx_refsource_SECUNIA
    http://mamboxchange.com/forum/forum.php?forum_id=7767 x_refsource_CONFIRM
    Date Public
    2006-10-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:50:05.980Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20458",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/20458/info"
              },
              {
                "name": "ADV-2006-3953",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3953"
              },
              {
                "name": "22263",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22263"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://mamboxchange.com/forum/forum.php?forum_id=7767"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-10-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in Mambo LaiThai 4.5.4 Security Patch 2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2009-02-26T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20458",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/20458/info"
            },
            {
              "name": "ADV-2006-3953",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3953"
            },
            {
              "name": "22263",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22263"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://mamboxchange.com/forum/forum.php?forum_id=7767"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-7093",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in Mambo LaiThai 4.5.4 Security Patch 2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20458",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/20458/info"
                },
                {
                  "name": "ADV-2006-3953",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/3953"
                },
                {
                  "name": "22263",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/22263"
                },
                {
                  "name": "http://mamboxchange.com/forum/forum.php?forum_id=7767",
                  "refsource": "CONFIRM",
                  "url": "http://mamboxchange.com/forum/forum.php?forum_id=7767"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-7093",
        "datePublished": "2007-02-28T00:00:00.000Z",
        "dateReserved": "2007-02-27T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:50:05.980Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-6051 (GCVE-0-2006-6051)

    Vulnerability from cvelistv5 – Published: 2006-11-22 00:00 – Updated: 2024-08-07 20:12
    VLAI
    Summary
    PHP remote file inclusion vulnerability in reporter.logic.php in the MosReporter (com_reporter) component for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/451960/100… mailing-listx_refsource_BUGTRAQ
    https://www.exploit-db.com/exploits/2807 exploitx_refsource_EXPLOIT-DB
    http://www.securityfocus.com/bid/21160 vdb-entryx_refsource_BID
    Date Public
    2006-11-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:12:31.474Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "mosreporter-reporter-file-include(30410)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30410"
              },
              {
                "name": "20061117 MosReporter Joomla Component Remote File Inclusion Exploi",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/451960/100/0/threaded"
              },
              {
                "name": "2807",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/2807"
              },
              {
                "name": "21160",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/21160"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-11-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "PHP remote file inclusion vulnerability in reporter.logic.php in the MosReporter (com_reporter) component for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "mosreporter-reporter-file-include(30410)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30410"
            },
            {
              "name": "20061117 MosReporter Joomla Component Remote File Inclusion Exploi",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/451960/100/0/threaded"
            },
            {
              "name": "2807",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/2807"
            },
            {
              "name": "21160",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/21160"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-6051",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "PHP remote file inclusion vulnerability in reporter.logic.php in the MosReporter (com_reporter) component for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "mosreporter-reporter-file-include(30410)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30410"
                },
                {
                  "name": "20061117 MosReporter Joomla Component Remote File Inclusion Exploi",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/451960/100/0/threaded"
                },
                {
                  "name": "2807",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/2807"
                },
                {
                  "name": "21160",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/21160"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-6051",
        "datePublished": "2006-11-22T00:00:00.000Z",
        "dateReserved": "2006-11-21T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:12:31.474Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-5254 (GCVE-0-2006-5254)

    Vulnerability from cvelistv5 – Published: 2006-10-12 22:00 – Updated: 2024-08-07 19:41
    VLAI
    Summary
    PHP remote file inclusion vulnerability in registration_detailed.inc.php in Mark Van Bellen Detailed User Registration (com_registration_detailed), aka regdetailed, 4.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    https://www.exploit-db.com/exploits/2379 exploitx_refsource_EXPLOIT-DB
    http://www.securityfocus.com/bid/20072 vdb-entryx_refsource_BID
    Date Public
    2006-09-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:41:05.159Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "registration-detailed-file-include(28982)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28982"
              },
              {
                "name": "2379",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/2379"
              },
              {
                "name": "20072",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/20072"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-09-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "PHP remote file inclusion vulnerability in registration_detailed.inc.php in Mark Van Bellen Detailed User Registration (com_registration_detailed), aka regdetailed, 4.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-18T16:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "registration-detailed-file-include(28982)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28982"
            },
            {
              "name": "2379",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/2379"
            },
            {
              "name": "20072",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/20072"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-5254",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "PHP remote file inclusion vulnerability in registration_detailed.inc.php in Mark Van Bellen Detailed User Registration (com_registration_detailed), aka regdetailed, 4.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "registration-detailed-file-include(28982)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28982"
                },
                {
                  "name": "2379",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/2379"
                },
                {
                  "name": "20072",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/20072"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-5254",
        "datePublished": "2006-10-12T22:00:00.000Z",
        "dateReserved": "2006-10-12T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:41:05.159Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-4858 (GCVE-0-2006-4858)

    Vulnerability from cvelistv5 – Published: 2006-09-19 18:00 – Updated: 2024-08-07 19:23
    VLAI
    Summary
    PHP remote file inclusion vulnerability in install.serverstat.php in the Serverstat (com_serverstat) 0.4.4 and earlier component for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.vupen.com/english/advisories/2006/3610 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/20018 vdb-entryx_refsource_BID
    http://securityreason.com/securityalert/1598 third-party-advisoryx_refsource_SREASON
    http://secunia.com/advisories/21943 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/446110/100… mailing-listx_refsource_BUGTRAQ
    https://www.exploit-db.com/exploits/2367 exploitx_refsource_EXPLOIT-DB
    Date Public
    2006-09-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:23:41.328Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2006-3610",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3610"
              },
              {
                "name": "20018",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/20018"
              },
              {
                "name": "1598",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1598"
              },
              {
                "name": "21943",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21943"
              },
              {
                "name": "serverstat-install-file-include(28959)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28959"
              },
              {
                "name": "20060914 Mambo com_serverstat Component \u003c=0.4.4 Remote File Include Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/446110/100/0/threaded"
              },
              {
                "name": "2367",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/2367"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-09-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "PHP remote file inclusion vulnerability in install.serverstat.php in the Serverstat (com_serverstat) 0.4.4 and earlier component for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ADV-2006-3610",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3610"
            },
            {
              "name": "20018",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/20018"
            },
            {
              "name": "1598",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1598"
            },
            {
              "name": "21943",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21943"
            },
            {
              "name": "serverstat-install-file-include(28959)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28959"
            },
            {
              "name": "20060914 Mambo com_serverstat Component \u003c=0.4.4 Remote File Include Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/446110/100/0/threaded"
            },
            {
              "name": "2367",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/2367"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-4858",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "PHP remote file inclusion vulnerability in install.serverstat.php in the Serverstat (com_serverstat) 0.4.4 and earlier component for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2006-3610",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/3610"
                },
                {
                  "name": "20018",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/20018"
                },
                {
                  "name": "1598",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1598"
                },
                {
                  "name": "21943",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/21943"
                },
                {
                  "name": "serverstat-install-file-include(28959)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28959"
                },
                {
                  "name": "20060914 Mambo com_serverstat Component \u003c=0.4.4 Remote File Include Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/446110/100/0/threaded"
                },
                {
                  "name": "2367",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/2367"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-4858",
        "datePublished": "2006-09-19T18:00:00.000Z",
        "dateReserved": "2006-09-19T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:23:41.328Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-4282 (GCVE-0-2006-4282)

    Vulnerability from cvelistv5 – Published: 2006-08-22 17:00 – Updated: 2024-08-07 19:06
    VLAI
    Summary
    PHP remote file inclusion vulnerability in MamboLogin.php in the MamboWiki component (com_mambowiki) 0.9.6 and earlier for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the IP parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2006-08-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:06:07.582Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20060818 Joomla MamboWiki Component \u003c= 0.9.4 (MamboLogin.php) Remote File Inclusion Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/443706/100/0/threaded"
              },
              {
                "name": "19594",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19594"
              },
              {
                "name": "1436",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1436"
              },
              {
                "name": "mambowiki-mambologin-file-include(28463)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28463"
              },
              {
                "name": "2213",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/2213"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.lyquidity.com/mambo/index.php?option=com_mambowiki\u0026Itemid=134"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-08-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "PHP remote file inclusion vulnerability in MamboLogin.php in the MamboWiki component (com_mambowiki) 0.9.6 and earlier for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the IP parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20060818 Joomla MamboWiki Component \u003c= 0.9.4 (MamboLogin.php) Remote File Inclusion Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/443706/100/0/threaded"
            },
            {
              "name": "19594",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19594"
            },
            {
              "name": "1436",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1436"
            },
            {
              "name": "mambowiki-mambologin-file-include(28463)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28463"
            },
            {
              "name": "2213",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/2213"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.lyquidity.com/mambo/index.php?option=com_mambowiki\u0026Itemid=134"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-4282",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "PHP remote file inclusion vulnerability in MamboLogin.php in the MamboWiki component (com_mambowiki) 0.9.6 and earlier for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the IP parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20060818 Joomla MamboWiki Component \u003c= 0.9.4 (MamboLogin.php) Remote File Inclusion Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/443706/100/0/threaded"
                },
                {
                  "name": "19594",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/19594"
                },
                {
                  "name": "1436",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1436"
                },
                {
                  "name": "mambowiki-mambologin-file-include(28463)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28463"
                },
                {
                  "name": "2213",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/2213"
                },
                {
                  "name": "http://www.lyquidity.com/mambo/index.php?option=com_mambowiki\u0026Itemid=134",
                  "refsource": "MISC",
                  "url": "http://www.lyquidity.com/mambo/index.php?option=com_mambowiki\u0026Itemid=134"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-4282",
        "datePublished": "2006-08-22T17:00:00.000Z",
        "dateReserved": "2006-08-22T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:06:07.582Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-4241 (GCVE-0-2006-4241)

    Vulnerability from cvelistv5 – Published: 2006-08-21 18:00 – Updated: 2024-08-07 19:06
    VLAI
    Summary
    PHP remote file inclusion vulnerability in processor/reporter.sql.php in the Reporter Mambo component (com_reporter) allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securityreason.com/securityalert/1419 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/archive/1/443373/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/19553 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2006-08-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:06:07.104Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1419",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1419"
              },
              {
                "name": "20060816 Reporter Mambo Component Remote File \u0026#304;nclude",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/443373/100/0/threaded"
              },
              {
                "name": "19553",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19553"
              },
              {
                "name": "reporter-reporter-sql-file-include(28412)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28412"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-08-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "PHP remote file inclusion vulnerability in processor/reporter.sql.php in the Reporter Mambo component (com_reporter) allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1419",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1419"
            },
            {
              "name": "20060816 Reporter Mambo Component Remote File \u0026#304;nclude",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/443373/100/0/threaded"
            },
            {
              "name": "19553",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19553"
            },
            {
              "name": "reporter-reporter-sql-file-include(28412)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28412"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-4241",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "PHP remote file inclusion vulnerability in processor/reporter.sql.php in the Reporter Mambo component (com_reporter) allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1419",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1419"
                },
                {
                  "name": "20060816 Reporter Mambo Component Remote File \u0026#304;nclude",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/443373/100/0/threaded"
                },
                {
                  "name": "19553",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/19553"
                },
                {
                  "name": "reporter-reporter-sql-file-include(28412)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28412"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-4241",
        "datePublished": "2006-08-21T18:00:00.000Z",
        "dateReserved": "2006-08-21T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:06:07.104Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-4195 (GCVE-0-2006-4195)

    Vulnerability from cvelistv5 – Published: 2006-08-17 21:00 – Updated: 2024-08-07 18:57
    VLAI
    Summary
    PHP remote file inclusion vulnerability in param.peoplebook.php in the Peoplebook Component for Mambo (com_peoplebook) 1.0 and earlier, and possibly 1.1.2, when register_globals and allow_url_fopen are enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.vupen.com/english/advisories/2006/3277 vdb-entryx_refsource_VUPEN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/21470 third-party-advisoryx_refsource_SECUNIA
    https://www.exploit-db.com/exploits/2184 exploitx_refsource_EXPLOIT-DB
    http://securityreason.com/securityalert/1406 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/archive/1/443201/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/19505 vdb-entryx_refsource_BID
    Date Public
    2006-08-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T18:57:46.438Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2006-3277",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3277"
              },
              {
                "name": "peoplebook-param-file-include(28359)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28359"
              },
              {
                "name": "21470",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21470"
              },
              {
                "name": "2184",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/2184"
              },
              {
                "name": "1406",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1406"
              },
              {
                "name": "20060814 Peoplebook Mambo Component \u003c= v1.0 Remote File Include Vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/443201/100/0/threaded"
              },
              {
                "name": "19505",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19505"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-08-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "PHP remote file inclusion vulnerability in param.peoplebook.php in the Peoplebook Component for Mambo (com_peoplebook) 1.0 and earlier, and possibly 1.1.2, when register_globals and allow_url_fopen are enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ADV-2006-3277",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3277"
            },
            {
              "name": "peoplebook-param-file-include(28359)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28359"
            },
            {
              "name": "21470",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21470"
            },
            {
              "name": "2184",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/2184"
            },
            {
              "name": "1406",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1406"
            },
            {
              "name": "20060814 Peoplebook Mambo Component \u003c= v1.0 Remote File Include Vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/443201/100/0/threaded"
            },
            {
              "name": "19505",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19505"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-4195",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "PHP remote file inclusion vulnerability in param.peoplebook.php in the Peoplebook Component for Mambo (com_peoplebook) 1.0 and earlier, and possibly 1.1.2, when register_globals and allow_url_fopen are enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2006-3277",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/3277"
                },
                {
                  "name": "peoplebook-param-file-include(28359)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28359"
                },
                {
                  "name": "21470",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/21470"
                },
                {
                  "name": "2184",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/2184"
                },
                {
                  "name": "1406",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1406"
                },
                {
                  "name": "20060814 Peoplebook Mambo Component \u003c= v1.0 Remote File Include Vulnerabilities",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/443201/100/0/threaded"
                },
                {
                  "name": "19505",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/19505"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-4195",
        "datePublished": "2006-08-17T21:00:00.000Z",
        "dateReserved": "2006-08-17T00:00:00.000Z",
        "dateUpdated": "2024-08-07T18:57:46.438Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-4203 (GCVE-0-2006-4203)

    Vulnerability from cvelistv5 – Published: 2006-08-17 21:00 – Updated: 2024-08-07 18:57
    VLAI
    Summary
    PHP remote file inclusion vulnerability in help.mmp.php in the MMP Component (com_mmp) 1.2 and earlier for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.vupen.com/english/advisories/2006/3278 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/19502 vdb-entryx_refsource_BID
    http://secunia.com/advisories/21479 third-party-advisoryx_refsource_SECUNIA
    https://www.exploit-db.com/exploits/2182 exploitx_refsource_EXPLOIT-DB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2006-08-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T18:57:46.515Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2006-3278",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3278"
              },
              {
                "name": "19502",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19502"
              },
              {
                "name": "21479",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21479"
              },
              {
                "name": "2182",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/2182"
              },
              {
                "name": "commmp-help-file-include(28361)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28361"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-08-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "PHP remote file inclusion vulnerability in help.mmp.php in the MMP Component (com_mmp) 1.2 and earlier for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-18T16:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ADV-2006-3278",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3278"
            },
            {
              "name": "19502",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19502"
            },
            {
              "name": "21479",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21479"
            },
            {
              "name": "2182",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/2182"
            },
            {
              "name": "commmp-help-file-include(28361)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28361"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-4203",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "PHP remote file inclusion vulnerability in help.mmp.php in the MMP Component (com_mmp) 1.2 and earlier for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2006-3278",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/3278"
                },
                {
                  "name": "19502",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/19502"
                },
                {
                  "name": "21479",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/21479"
                },
                {
                  "name": "2182",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/2182"
                },
                {
                  "name": "commmp-help-file-include(28361)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28361"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-4203",
        "datePublished": "2006-08-17T21:00:00.000Z",
        "dateReserved": "2006-08-17T00:00:00.000Z",
        "dateUpdated": "2024-08-07T18:57:46.515Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-3930 (GCVE-0-2006-3930)

    Vulnerability from cvelistv5 – Published: 2006-07-31 21:00 – Updated: 2024-08-07 18:48
    VLAI
    Summary
    PHP remote file inclusion vulnerability in admin.a6mambohelpdesk.php in a6mambohelpdesk Mambo Component 18RC1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.osvdb.org/27654 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/19198 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/441286/100… mailing-listx_refsource_BUGTRAQ
    http://securityreason.com/securityalert/1309 third-party-advisoryx_refsource_SREASON
    http://secunia.com/advisories/21227 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2006/3015 vdb-entryx_refsource_VUPEN
    https://www.exploit-db.com/exploits/2078 exploitx_refsource_EXPLOIT-DB
    Date Public
    2006-07-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T18:48:39.413Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "27654",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/27654"
              },
              {
                "name": "a6mambohelpdesk-admina6mambo-file-include(28054)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28054"
              },
              {
                "name": "19198",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19198"
              },
              {
                "name": "20060727 a6mambohelpdesk Mambo Component \u003c= 18RC1 Remote Include Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/441286/100/0/threaded"
              },
              {
                "name": "1309",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1309"
              },
              {
                "name": "21227",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21227"
              },
              {
                "name": "ADV-2006-3015",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3015"
              },
              {
                "name": "2078",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/2078"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-07-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "PHP remote file inclusion vulnerability in admin.a6mambohelpdesk.php in a6mambohelpdesk Mambo Component 18RC1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "27654",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/27654"
            },
            {
              "name": "a6mambohelpdesk-admina6mambo-file-include(28054)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28054"
            },
            {
              "name": "19198",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19198"
            },
            {
              "name": "20060727 a6mambohelpdesk Mambo Component \u003c= 18RC1 Remote Include Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/441286/100/0/threaded"
            },
            {
              "name": "1309",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1309"
            },
            {
              "name": "21227",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21227"
            },
            {
              "name": "ADV-2006-3015",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3015"
            },
            {
              "name": "2078",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/2078"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-3930",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "PHP remote file inclusion vulnerability in admin.a6mambohelpdesk.php in a6mambohelpdesk Mambo Component 18RC1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "27654",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/27654"
                },
                {
                  "name": "a6mambohelpdesk-admina6mambo-file-include(28054)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28054"
                },
                {
                  "name": "19198",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/19198"
                },
                {
                  "name": "20060727 a6mambohelpdesk Mambo Component \u003c= 18RC1 Remote Include Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/441286/100/0/threaded"
                },
                {
                  "name": "1309",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1309"
                },
                {
                  "name": "21227",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/21227"
                },
                {
                  "name": "ADV-2006-3015",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/3015"
                },
                {
                  "name": "2078",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/2078"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-3930",
        "datePublished": "2006-07-31T21:00:00.000Z",
        "dateReserved": "2006-07-31T00:00:00.000Z",
        "dateUpdated": "2024-08-07T18:48:39.413Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-3748 (GCVE-0-2006-3748)

    Vulnerability from cvelistv5 – Published: 2006-07-20 23:00 – Updated: 2024-08-07 18:39
    VLAI
    Summary
    PHP remote file inclusion vulnerability in includes/abbc/abbc.class.php in the LoudMouth Component for Mambo 4.0j, and possibly other versions including 4.1, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/21077 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/19044 vdb-entryx_refsource_BID
    http://www.vupen.com/english/advisories/2006/2844 vdb-entryx_refsource_VUPEN
    https://www.exploit-db.com/exploits/2023 exploitx_refsource_EXPLOIT-DB
    Date Public
    2006-07-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T18:39:54.025Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "21077",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21077"
              },
              {
                "name": "loudmouth-class-file-include(27772)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27772"
              },
              {
                "name": "19044",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19044"
              },
              {
                "name": "ADV-2006-2844",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/2844"
              },
              {
                "name": "2023",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/2023"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-07-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "PHP remote file inclusion vulnerability in includes/abbc/abbc.class.php in the LoudMouth Component for Mambo 4.0j, and possibly other versions including 4.1, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-18T16:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "21077",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21077"
            },
            {
              "name": "loudmouth-class-file-include(27772)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27772"
            },
            {
              "name": "19044",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19044"
            },
            {
              "name": "ADV-2006-2844",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/2844"
            },
            {
              "name": "2023",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/2023"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-3748",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "PHP remote file inclusion vulnerability in includes/abbc/abbc.class.php in the LoudMouth Component for Mambo 4.0j, and possibly other versions including 4.1, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "21077",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/21077"
                },
                {
                  "name": "loudmouth-class-file-include(27772)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27772"
                },
                {
                  "name": "19044",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/19044"
                },
                {
                  "name": "ADV-2006-2844",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/2844"
                },
                {
                  "name": "2023",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/2023"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-3748",
        "datePublished": "2006-07-20T23:00:00.000Z",
        "dateReserved": "2006-07-20T00:00:00.000Z",
        "dateUpdated": "2024-08-07T18:39:54.025Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-3528 (GCVE-0-2006-3528)

    Vulnerability from cvelistv5 – Published: 2006-07-12 00:00 – Updated: 2024-08-07 18:30
    VLAI
    Summary
    Multiple PHP remote file inclusion vulnerabilities in Simpleboard Mambo module 1.1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the sbp parameter to (1) image_upload.php and (2) file_upload.php.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/445716/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/18917 vdb-entryx_refsource_BID
    http://marc.info/?l=bugtraq&m=115876919804966&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.osvdb.org/28531 vdb-entryx_refsource_OSVDB
    http://securitytracker.com/id?1016824 vdb-entryx_refsource_SECTRACK
    http://www.vupen.com/english/advisories/2006/2716 vdb-entryx_refsource_VUPEN
    https://www.exploit-db.com/exploits/1994 exploitx_refsource_EXPLOIT-DB
    http://www.osvdb.org/27421 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/20981 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2006-07-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T18:30:34.115Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20060909 SimpleBoard Mambo Component 1.1.0 Remote File Include",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/445716/100/0/threaded"
              },
              {
                "name": "18917",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/18917"
              },
              {
                "name": "20060920 Re: SimpleBoard Mambo Component 1.1.0 Remote File Include",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=115876919804966\u0026w=2"
              },
              {
                "name": "28531",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/28531"
              },
              {
                "name": "1016824",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1016824"
              },
              {
                "name": "ADV-2006-2716",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/2716"
              },
              {
                "name": "1994",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/1994"
              },
              {
                "name": "27421",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/27421"
              },
              {
                "name": "20981",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20981"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-07-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple PHP remote file inclusion vulnerabilities in Simpleboard Mambo module 1.1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the sbp parameter to (1) image_upload.php and (2) file_upload.php."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20060909 SimpleBoard Mambo Component 1.1.0 Remote File Include",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/445716/100/0/threaded"
            },
            {
              "name": "18917",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/18917"
            },
            {
              "name": "20060920 Re: SimpleBoard Mambo Component 1.1.0 Remote File Include",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=115876919804966\u0026w=2"
            },
            {
              "name": "28531",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/28531"
            },
            {
              "name": "1016824",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1016824"
            },
            {
              "name": "ADV-2006-2716",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/2716"
            },
            {
              "name": "1994",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/1994"
            },
            {
              "name": "27421",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/27421"
            },
            {
              "name": "20981",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20981"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-3528",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple PHP remote file inclusion vulnerabilities in Simpleboard Mambo module 1.1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the sbp parameter to (1) image_upload.php and (2) file_upload.php."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20060909 SimpleBoard Mambo Component 1.1.0 Remote File Include",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/445716/100/0/threaded"
                },
                {
                  "name": "18917",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/18917"
                },
                {
                  "name": "20060920 Re: SimpleBoard Mambo Component 1.1.0 Remote File Include",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=115876919804966\u0026w=2"
                },
                {
                  "name": "28531",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/28531"
                },
                {
                  "name": "1016824",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1016824"
                },
                {
                  "name": "ADV-2006-2716",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/2716"
                },
                {
                  "name": "1994",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/1994"
                },
                {
                  "name": "27421",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/27421"
                },
                {
                  "name": "20981",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/20981"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-3528",
        "datePublished": "2006-07-12T00:00:00.000Z",
        "dateReserved": "2006-07-11T00:00:00.000Z",
        "dateUpdated": "2024-08-07T18:30:34.115Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }