CVE-2006-4372 Information

Description

PHP remote file inclusion vulnerability in admin.lurm_constructor.php in the Lurm Constructor component (com_lurm_constructor) 0.6b and earlier for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the lm_absolute_path parameter.

Reference

https://exchange.xforce.ibmcloud.com/vulnerabilities/28475 https://www.exploit-db.com/exploits/2222