CVE-2006-4375

Name of the Vulnerable Software and Affected Versions Mambo component com contxtd (affected versions not specified)

Description A remote file inclusion issue in the Contacts XTD (ContXTD) component for Mambo allows remote attackers to potentially execute arbitrary PHP code via a URL in the mosConfig absolute path parameter. However, it is noted that the software may prevent the attack by checking whether VALID MOS is defined.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.