关键信息 漏洞名称: Mambo mambelfish Component <= 1.1 Remote File Include Vulnerability 风险等级: High CVE ID: CVE-2006-4270 CWE ID: CWE-94 报告日期: 2006-08-24 / 2006-08-25 报告人: mdx CVSS Base Score: 6.8/10 CVSS Impact Score: 6.4/10 CVSS Exploitability Score: 8.6/10 影响范围: - Confidentiality Impact: Partial - Integrity Impact: Partial - Availability Impact: Partial 攻击复杂度: Medium 认证需求: No required 漏洞类型: Remote File Inclusion 受影响版本: Mambo mambelfish Component <= 1.1 相关文件: mambelfish.class.php 易受攻击的代码位置: mambelfish.class.php, line 28 易受攻击的代码示例: 漏洞利用方式: 联系人: bilkopat[at]hotmail[dot]com