CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-1693

PHP remote file inclusion vulnerability in Function.php in Mambo 4.5 (1.0.9) allows remote attackers to execute arbitrary PHP code by modifying the mosConfig_absolute_path parameter to reference a URL on a remote web server that contains the code.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.095

EPSS Ranking 92.4%

CVSS Severity

CVSS v2 Score 7.5

References

http://marc.info/?l=bugtraq&m=109571849713158&w=2
http://securitytracker.com/id?1011365
http://www.osvdb.org/10180
http://www.securityfocus.com/bid/11220
https://exchange.xforce.ibmcloud.com/vulnerabilities/17449
http://marc.info/?l=bugtraq&m=109571849713158&w=2
http://securitytracker.com/id?1011365
http://www.osvdb.org/10180
http://www.securityfocus.com/bid/11220
https://exchange.xforce.ibmcloud.com/vulnerabilities/17449

Products affected by CVE-2004-1693

Mambo » Mambo » Version: 4.5_1.0.9

cpe:2.3:a:mambo:mambo:4.5_1.0.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-1693

Products

Pricing

Contact Us