CVE-2006-5254

PHP remote file inclusion vulnerability in registration_detailed.inc.php in Mark Van Bellen Detailed User Registration (com_registration_detailed), aka regdetailed, 4.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.

Score7.5
Access VectorNETWORK
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactPARTIAL
Integrity ImpactPARTIAL
Availability ImpactPARTIAL
Published2006-10-12 06:07:00.000-04
Last Modified2017-10-18 09:29:31.000-04

Vulnerable Software List

VendorProductVersions
Mamboxchange Extended Registration 4.1

References

SourceLink
BID20072
XFregistration-detailed-file-include(28982)
EXPLOIT-DB2379