Mambo CMS Suffers From File Inclusion Vulnerability

    Date: 06/29/06 (Java Web)    Keywords: cms, php

    Kw3[R]Ln has discovered a vulnerability in the MOD_CBSMS module for Mambo, which can be exploited to compromise a machine serving Mambo CMS. Input passed to the “mosConfig_absolute_path” parameter in mod_cbsms_messages.php isn’t properly verified, before it is used to include files. This can be exploited to include arbitrary files from external and local resources. Successful exploitation requires that [...]

    Source: http://blog.taragana.com/index.php/archive/mambo-cms-suffers-from-file-inclusion-vulnerability/

« WordPress Automatic Machine... || Microsoft Internet Explorer... »
Search  •  Site Map  •  Set as Homepage  •  Add to Favourites  • 
antivirus | apache | asp | blogging | browser | bugtracking | cms | crm | css | database | ebay | ecommerce | google | hosting | html | java | jsp | linux | microsoft | mysql | offshore | offshoring | oscommerce | php | postgresql | programming | rss | security | seo | shopping | software | spam | spyware | sql | technology | templates | tracker | virus | web | xml | yahoo | home