| Field | Value |
|---|---|
| VID | 21931 |
| Severity | 40 |
| Port | 80, ... |
| Protocol | TCP |
| Class | CGI |
| Detailed Description | Mambo Open Source is vulnerable to a remote file inclusion vulnerability in the download.php script. Mambo Open Source (formerly Mambo Site Server) is an Internet portal and content management system. Mambo Module for phpBB version 1.2.4-RC3 and earlier could allow a remote attacker to include malicious PHP files, because user-supplied input passed to the 'phpbb_root_path' parameter of the 'download.php' script is not properly validated. If the register_globals setting is 'on', a remote attacker could send a specially crafted URL request to execute arbitrary PHP code and operating system commands on the target system. |
| References | http://www.milw0rm.com/exploits/1995 |
| Platforms Affected | phpBB Project, Mambo Module for phpBB version 1.2.4-RC3 and earlier versions; any operating system, any version |
| Recommendation | Upgrade to the latest version of Mambo when a fixed version becomes available from the MamboForge Web site at http://sourceforge.net/projects/mambo/ |
| Related URL | CVE-2006-7208 (CVE) |
| Related URL | 18914 (SecurityFocus) |
| Related URL | 39931 (ISS) |