CVE-2006-3302 Information

Description

PHP remote file inclusion vulnerability in mod_cbsms.php in CBSMS Mambo Module 1.0 and earlier when register_globals is enabled allows remote attackers to execute arbitrary PHP code via a URL in the mosC_a_path parameter. NOTE: the provenance of this information is unknown; portions of the details are obtained from third party information.

Reference

http://www.vupen.com/english/advisories/2006/2528 https://exchange.xforce.ibmcloud.com/vulnerabilities/27374