CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Mambo: >> Mambo >> 4.6.4 Security Vulnerabilities

CVE-2008-2905

PHP remote file inclusion vulnerability in includes/Cache/Lite/Output.php in the Cache_Lite package in Mambo 4.6.4 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.

CVSS Score

6.8

EPSS Score

0.732

Published

2008-06-30

Page 1

Vulnerabilities

Vulnerable Software

Mambo: >> Mambo >> 4.6.4 Security Vulnerabilities

Products

Pricing

Contact Us