Vulnerabilities > CVE-2004-1693 - Input Validation vulnerability in Mambo 4.51.0.9
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
PHP remote file inclusion vulnerability in Function.php in Mambo 4.5 (1.0.9) allows remote attackers to execute arbitrary PHP code by modifying the mosConfig_absolute_path parameter to reference a URL on a remote web server that contains the code.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Mambo Open Source 4.5.1 (1.0.9) Function.php Arbitrary Command Execution. CVE-2004-1693. Webapps exploit for php platform |
id | EDB-ID:24615 |
last seen | 2016-02-02 |
modified | 2004-09-20 |
published | 2004-09-20 |
reporter | Joxean Koret |
source | https://www.exploit-db.com/download/24615/ |
title | Mambo Open Source 4.5.1 1.0.9 - Function.php Arbitrary Command Execution |