Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3751

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2006-3751
Last Modified 10 Sep 2008 04:24:40
Published 21 Jul 2006 10:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2006-3751

Summary

PHP remote file inclusion vulnerability in popups/ImageManager/config.inc.php in the HTMLArea3 Addon Component (com_htmlarea3_xtd-c) for ImageManager 1.5 allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.

Vulnerable Systems

Application

  • Htmlarea3 1.5


References

XF - imagemanager-configinc-file-include(27721)

BID - 19047

MILW0RM - 2027

BUGTRAQ - 20060712 [ECHO_ADV_38$2006] Multiple Mambo/Joomla Component Remote File Include Vulnerabilities

MISC - http://advisories.echo.or.id/adv/adv38-matdhule-2006.txt

SREASON - 1249


Last Updated: 27 May 2016 10:43:06