CVE-2004-1693
published 2004-09-18CVE-2004-1693: PHP remote file inclusion vulnerability in Function.php in Mambo 4.5 (1.0.9) allows remote attackers to execute arbitrary PHP code by modifying the…
PriorityP338high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
2.98%
85.6th percentile
PHP remote file inclusion vulnerability in Function.php in Mambo 4.5 (1.0.9) allows remote attackers to execute arbitrary PHP code by modifying the mosConfig_absolute_path parameter to reference a URL on a remote web server that contains the code.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mambo | mambo | <= 4.5.2 | — |
| mambo | mambo | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-9hjp-2xh2-8wp6: PHP remote file inclusion vulnerability in Tar
ghsa_unreviewed·2022-05-01·CVSS 7.5
CVE-2005-0512 [HIGH] GHSA-9hjp-2xh2-8wp6: PHP remote file inclusion vulnerability in Tar
PHP remote file inclusion vulnerability in Tar.php in Mambo 4.5.2 allows remote attackers to execute arbitrary PHP code by modifying the mosConfig_absolute_path parameter to reference a URL on a remote web server that contains the code, a different vulnerability than CVE-2004-1693.
GHSA
GHSA-57cw-xj8m-j9g4: PHP remote file inclusion vulnerability in Function
ghsa_unreviewed·2022-04-29
CVE-2004-1693 [HIGH] GHSA-57cw-xj8m-j9g4: PHP remote file inclusion vulnerability in Function
PHP remote file inclusion vulnerability in Function.php in Mambo 4.5 (1.0.9) allows remote attackers to execute arbitrary PHP code by modifying the mosConfig_absolute_path parameter to reference a URL on a remote web server that contains the code.
No detection rules found.
No writeups or analysis indexed.
http://marc.info/?l=bugtraq&m=109571849713158&w=2http://securitytracker.com/id?1011365http://www.osvdb.org/10180http://www.securityfocus.com/bid/11220https://exchange.xforce.ibmcloud.com/vulnerabilities/17449http://marc.info/?l=bugtraq&m=109571849713158&w=2http://securitytracker.com/id?1011365http://www.osvdb.org/10180http://www.securityfocus.com/bid/11220https://exchange.xforce.ibmcloud.com/vulnerabilities/17449
2004-09-18
Published