CVE-2006-3990 Information

Feb 14, 2021 cve

Description

Multiple PHP remote file inclusion vulnerabilities in Paul M. Jones Savant2 possibly when used with the com_mtree component for Mambo and Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter in (1) Savant2_Plugin_stylesheet.php (2) Savant2_Compiler_basic.php (3) Savant2_Error_pear.php (4) Savant2_Error_stack.php (5) Savant2_Filter_colorizeCode.php (6) Savant2_Filter_trimwhitespace.php (7) Savant2_Plugin_ahref.php (8) Savant2_Plugin_ahrefcontact.php (9) Savant2_Plugin_ahreflisting.php (10) Savant2_Plugin_ahreflistingimage.php (11) Savant2_Plugin_ahrefmap.php (12) Savant2_Plugin_ahrefownerlisting.php (13) Savant2_Plugin_ahrefprint.php (14) Savant2_Plugin_ahrefrating.php (15) Savant2_Plugin_ahrefrecommend.php (16) Savant2_Plugin_ahrefreport.php (17) Savant2_Plugin_ahrefreview.php (18) Savant2_Plugin_ahrefvisit.php (19) Savant2_Plugin_checkbox.php (20) Savant2_Plugin_cycle.php (21) Savant2_Plugin_dateformat.php (22) Savant2_Plugin_editor.php (23) Savant2_Plugin_form.php (24) Savant2_Plugin_image.php (25) Savant2_Plugin_input.php (26) Savant2_Plugin_javascript.php (27) Savant2_Plugin_listalpha.php (28) Savant2_Plugin_listingname.php (29) Savant2_Plugin_modify.php (30) Savant2_Plugin_mtpath.php (31) Savant2_Plugin_options.php (32) Savant2_Plugin_radios.php (33) Savant2_Plugin_rating.php or (34) Savant2_Plugin_textarea.php.

Reference

Share on: