Mambo : Security Vulnerabilities, CVEs, (Directory traversal) CVSS score >= 6
Directory traversal vulnerability in the _setTemplate function in Mambo 4.5.3, 4.5.3h, and possibly earlier versions allows remote attackers to read and include arbitrary files via the mos_change_template parameter. NOTE: CVE-2006-1794 has been assigned to the SQL injection vector.
Max CVSS
6.4
EPSS Score
0.51%
Published
2006-02-24
Updated
2011-03-07
1 vulnerabilities found