mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-21 17:16:51 +02:00
0xMarcio
844 B
844 B
CVE-2006-4375
Description
PHP remote file inclusion vulnerability in contxtd.class.php in the Contacts XTD (ContXTD) component for Mambo (com_contxtd) allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. NOTE: another researcher has disputed this issue, saying that the software prevents the attack by checking whether _VALID_MOS is defined
POC
Reference
Github
No PoCs found on GitHub currently.