CVE-2006-4242
published 2006-08-21CVE-2006-4242: PHP remote file inclusion vulnerability in install.jim.php in the JIM 1.0.1 component for Joomla or Mambo allows remote attackers to execute arbitrary PHP code…
PriorityP338medium5.1CVSS 2.0
AVNACHAuNCPIPAP
EXPLOIT
EPSS
3.35%
87.2th percentile
PHP remote file inclusion vulnerability in install.jim.php in the JIM 1.0.1 component for Joomla or Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| joomla | jim_instant_messaging_component | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-qpqv-23g8-wmfg: ** DISPUTED ** PHP remote file inclusion vulnerability in index
ghsa_unreviewed·2022-05-01·CVSS 5.1
CVE-2006-4556 [MEDIUM] GHSA-qpqv-23g8-wmfg: ** DISPUTED ** PHP remote file inclusion vulnerability in index
** DISPUTED ** PHP remote file inclusion vulnerability in index.php in the JIM component for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. NOTE: another researcher has stated that the product distribution does not include an index.php file. Also, this might be related to CVE-2006-4242.
GHSA
GHSA-r8g9-pw2x-5v49: PHP remote file inclusion vulnerability in install
ghsa_unreviewed·2022-05-01
CVE-2006-4242 [MEDIUM] GHSA-r8g9-pw2x-5v49: PHP remote file inclusion vulnerability in install
PHP remote file inclusion vulnerability in install.jim.php in the JIM 1.0.1 component for Joomla or Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
No detection rules found.
No writeups or analysis indexed.
http://secunia.com/advisories/21545http://securityreason.com/securityalert/1418http://www.osvdb.org/27990http://www.securityfocus.com/archive/1/443630/100/0/threadedhttp://www.securityfocus.com/bid/19575http://www.vupen.com/english/advisories/2006/3313https://exchange.xforce.ibmcloud.com/vulnerabilities/28433https://www.exploit-db.com/exploits/2203http://secunia.com/advisories/21545http://securityreason.com/securityalert/1418http://www.osvdb.org/27990http://www.securityfocus.com/archive/1/443630/100/0/threadedhttp://www.securityfocus.com/bid/19575http://www.vupen.com/english/advisories/2006/3313https://exchange.xforce.ibmcloud.com/vulnerabilities/28433https://www.exploit-db.com/exploits/2203
2006-08-21
Published