CVE-2006-4280

Name of the Vulnerable Software and Affected Versions ANJEL (formerly MaMML) Component (com anjel) for Mambo (affected versions not specified)

Description A remote file inclusion issue exists, allowing remote attackers to execute arbitrary PHP code via a URL in the mosConfig absolute path parameter. This issue has been disputed by a third party, who claims that $mosConfig absolute path is set in a configuration file.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.