Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
PHP remote file inclusion vulnerability in estateagent.php in the EstateAgent component (com_estateagent) for Mambo, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mambo EstateAgent组件 'configuration.php' mosConfig_absolute_path参数远程文件包含漏洞
Vulnerability Description
EstateAgent是Mambo中的一个组件,允许小型地产公司和代理管理地产资料。 EstateAgent模块的/administrator/components/com_estateagent/configuration.php脚本没有正确地验证mosConfig_absolute_path参数的输入,允许攻击者可以通过包含本地或外部资源的任意文件导致执行任意代码。成功攻击要求打开了register_globals。
CVSS Information
N/A
Vulnerability Type
N/A