HIGH🇬🇧 English

CVE-2009-4604

CVSS 7.5v2.0pub. 2010-01-12upd. 2026-04-23

PHP remote file inclusion vulnerability in mamboleto.php in the Fernando Soares Mamboleto (com_mamboleto) component 2.0 RC3 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.

oryginał EN
CVSS Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
  • Fernando Soares Com Mamboleto

    APP
    Fernando Soares
    2.0
  • Joomla

    APP
    Joomla
    wszystkie wersje
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2009-4789HIGH7.5ten sam produkt

Multiple PHP remote file inclusion vulnerabilities in the MojoBlog component RC 0.15 for Joomla! allow remote ...

CVE-2010-1470HIGH7.5ten sam produkt

Directory traversal vulnerability in the Web TV (com_webtv) component 1.0 for Joomla! allows remote attackers ...

CVE-2010-0694HIGH7.5ten sam produkt

SQL injection vulnerability in the PerchaGallery (com_perchagallery) component before 1.5b for Joomla! allows ...

CVE-2009-4599HIGH7.5ten sam produkt

Multiple SQL injection vulnerabilities in the JS Jobs (com_jsjobs) component 1.0.5.6 for Joomla! allow remote ...

CVE-2009-4598HIGH7.5ten sam produkt

SQL injection vulnerability in the JPhoto (com_jphoto) component 1.0 for Joomla! allows remote attackers to ex...