CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-4858

PHP remote file inclusion vulnerability in install.serverstat.php in the Serverstat (com_serverstat) 0.4.4 and earlier component for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.137

EPSS Ranking 93.9%

CVSS Severity

CVSS v2 Score 6.8

References

http://secunia.com/advisories/21943
http://securityreason.com/securityalert/1598
http://www.securityfocus.com/archive/1/446110/100/0/threaded
http://www.securityfocus.com/bid/20018
http://www.vupen.com/english/advisories/2006/3610
https://exchange.xforce.ibmcloud.com/vulnerabilities/28959
https://www.exploit-db.com/exploits/2367
http://secunia.com/advisories/21943
http://securityreason.com/securityalert/1598
http://www.securityfocus.com/archive/1/446110/100/0/threaded
http://www.securityfocus.com/bid/20018
http://www.vupen.com/english/advisories/2006/3610
https://exchange.xforce.ibmcloud.com/vulnerabilities/28959
https://www.exploit-db.com/exploits/2367

Products affected by CVE-2006-4858

Mamboxchange » Serverstat Component » Version: Any

cpe:2.3:a:mamboxchange:serverstat_component:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-4858

Products

Pricing

Contact Us