CVE-2006-3930
Published 2006-07-31
Priority P3 · 45 · high · 7.5 CVSS 2.0
AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 3.86% (88.9th percentile)
PHP remote file inclusion vulnerability in admin.a6mambohelpdesk.php in a6mambohelpdesk Mambo Component 18RC1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mamboxchange | a6mambohelpdesk | <= 1.2 | — |
| mamboxchange | a6mambohelpdesk | — | — |
Suricata
ET WEB_SPECIFIC_APPS A6MamboHelpDesk Admin.a6mambohelpdesk.php Remote File inclusion Attempt
suricata·2010-10-25·CVSS 7.5
Rule:

```
alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS A6MamboHelpDesk Admin.a6mambohelpdesk.php Remote File inclusion Attempt"; flow:established,to_server; http.method; content:"GET"; http.uri; content:"/administrator/components/com_a6mambohelpdesk/admin.a6mambohelpdesk.php?"; nocase; content:"mosConfig_live_site="; nocase; pcre:"/mosConfig_live_site=\s*(?:ftps?|https?|php)\:\//i"; reference:bugtraq,19198; reference:cve,CVE-2006-3930; classtype:web-application-attack; sid:2011837; rev:4; metadata:created_at 2010_10_25, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_09_03, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access;)
```
No writeups or analysis indexed.
References
- http://secunia.com/advisories/21227
- http://securityreason.com/securityalert/1309
- http://www.osvdb.org/27654
- http://www.securityfocus.com/archive/1/441286/100/0/threaded
- http://www.securityfocus.com/bid/19198
- http://www.vupen.com/english/advisories/2006/3015
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28054
- https://www.exploit-db.com/exploits/2078