Vulnerabilities > CVE-2007-1699 - Remote File Include vulnerability in Mambo SWMenu MosConfig_Absolute_Path Parameter
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Multiple PHP remote file inclusion vulnerabilities in the SWmenu (com_swmenupro and com_swmenufree) 4.0 component for Mambo and Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to ImageManager/Classes/ImageManager.php under the (1) components/ or (2) administrator/components/ directory trees.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 | |
Application | 1 |
Exploit-Db
description | Joomla/Mambo Component SWmenuFree 4.0 RFI Vulnerability. CVE-2007-1699. Webapps exploit for php platform |
file | exploits/php/webapps/3557.txt |
id | EDB-ID:3557 |
last seen | 2016-01-31 |
modified | 2007-03-23 |
platform | php |
port | |
published | 2007-03-23 |
reporter | Cold Zero |
source | https://www.exploit-db.com/download/3557/ |
title | Joomla/Mambo Component SWmenuFree 4.0 RFI Vulnerability |
type | webapps |