|
|
|||
| Rule General Information |
|---|
| Release Date: | 2025-03-04 | |
| Rule Name: | Joomla Component com_pccookbook Remote File Inclusion Vulnerability (CVE-2006-3530) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | PHP remote file inclusion vulnerability in com_pccookbook/pccookbook.php in the PccookBook Component for Mambo and Joomla 0.3 and possibly up to 1.3.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the mosConfig_absolute_path parameter. | |
| Impact: | When the file operation function in the application that does not filter the file path effectively, an attacker can import the path of a file which contains malicious code, causing a file inclusion vulnerability and executing malicious code. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | SecurityFocusBID:18919 ExploitDB:2024 http://advisories.echo.or.id/adv/adv37-matdhule-2006.txt http://secunia.com/advisories/21015 |
|
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |