Mambo » Contacts Xtd Component : Security Vulnerabilities, CVEs, CVSS score >= 5
PHP remote file inclusion vulnerability in contxtd.class.php in the Contacts XTD (ContXTD) component for Mambo (com_contxtd) allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. NOTE: another researcher has disputed this issue, saying that the software prevents the attack by checking whether _VALID_MOS is defined
Max CVSS
7.5
EPSS Score
1.17%
Published
2006-08-26
Updated
2024-03-21
1 vulnerabilities found