PHP remote file inclusion vulnerability in Function.php in Mambo 4.5 (1.0.9) allows remote attackers to execute arbitrary PHP code by modifying the mosConfig_absolute_path parameter to reference a URL on a remote web server that contains the code.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Mambo | Mambo | 4.5_1.0.9 (including) | 4.5_1.0.9 (including) |