globals.php in Mambo Site Server 4.0.14 and earlier, when register_globals is disabled, allows remote attackers to overwrite variables in the GLOBALS array and conduct various attacks, as demonstrated using the mosConfig_absolute_path parameter to content.html.php for remote PHP file inclusion.

Name | Vendor | Start Version | End Version |
---|---|---|---|
Mambo_site_server | Mambo | 4.0 (including) | 4.0 (including) |
Mambo_site_server | Mambo | 4.0.10 (including) | 4.0.10 (including) |
Mambo_site_server | Mambo | 4.0.11 (including) | 4.0.11 (including) |
Mambo_site_server | Mambo | 4.0.12 (including) | 4.0.12 (including) |
Mambo_site_server | Mambo | 4.0.12_beta (including) | 4.0.12_beta (including) |
Mambo_site_server | Mambo | 4.0.12_beta_2 (including) | 4.0.12_beta_2 (including) |
Mambo_site_server | Mambo | 4.0.12_rc1 (including) | 4.0.12_rc1 (including) |
Mambo_site_server | Mambo | 4.0.12_rc2 (including) | 4.0.12_rc2 (including) |
Mambo_site_server | Mambo | 4.0.12_rc3 (including) | 4.0.12_rc3 (including) |
Mambo_site_server | Mambo | 4.0.14 (including) | 4.0.14 (including) |