Kurdish Security

#15848de 53,635
17CVSS total
Vulnerabilidades · 3
Média
3
PT-2006-4834
5.1
2006-08-05
Knusperleicht · Knusperleicht Shoutbox · CVE-2006-3989
**Name of the Vulnerable Software and Affected Versions** Knusperleicht Shoutbox versions 4.4 and earlier **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `sb include path` parameter in the index.php file. **Recommendations** For versions 4.4 and earlier, consider restricting access to the `sb include path` parameter in the index.php file until a patch is available. As a temporary workaround, avoid using the `sb include path` parameter with untrusted URLs.
PT-2006-4840
6.8
2006-08-05
Mambo · Mambo · CVE-2006-3995
**Name of the Vulnerable Software and Affected Versions** UHP (User Home Pages) component (aka com uhp) for Mambo or Joomla! version 0.5 **Description** The issue concerns remote file inclusion vulnerabilities in several PHP files within the UHP component, potentially allowing remote attackers to execute arbitrary PHP code. The vulnerability can be exploited via a URL in the `mosConfig absolute path` parameter. **Recommendations** For UHP (User Home Pages) component (aka com uhp) for Mambo or Joomla! version 0.5, consider restricting access to the vulnerable PHP files, such as uhp config.php, footer.php, functions.php, install.uhp.php, toolbar.uhp.html.php, uhp.class.php, and uninstall.uhp.php, to minimize the risk of exploitation. Avoid using the `mosConfig absolute path` parameter in URLs until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2006-4705
5.1
2006-07-25
Mospray · Mospray · CVE-2006-3847
**Name of the Vulnerable Software and Affected Versions** MoSpray (aka com mospray) version 1.8 RC1 **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `basedir` parameter in multiple PHP files, including admin.php, details.php, modify.php, newgroup.php, newtask.php, and rss.php. **Recommendations** For MoSpray (aka com mospray) version 1.8 RC1, consider restricting access to the `basedir` parameter in the affected PHP files until a patch is available. As a temporary workaround, avoid using the `basedir` parameter in the affected files to minimize the risk of exploitation.