CVE-2005-3738
Published Nov 22, 2005
Last updated 6 years ago
Overview
- Description
- globals.php in Mambo Site Server 4.0.14 and earlier, when register_globals is disabled, allows remote attackers to overwrite variables in the GLOBALS array and conduct various attacks, as demonstrated using the mosConfig_absolute_path parameter to content.html.php for remote PHP file inclusion.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 2.6
- Impact score
- 2.9
- Exploitability score
- 4.9
- Vector string
- AV:N/AC:H/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mambo:mambo_site_server:4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DE4760B9-54F5-493C-A11E-B77DA6EC6C97"
},
{
"criteria": "cpe:2.3:a:mambo:mambo_site_server:4.0.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DD99A44A-B0C5-4C4F-A2C5-E887A50D524A"
},
{
"criteria": "cpe:2.3:a:mambo:mambo_site_server:4.0.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CCB5F323-A895-4392-8801-17A91A3DF23A"
},
{
"criteria": "cpe:2.3:a:mambo:mambo_site_server:4.0.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E0ED5902-9239-426B-BAE1-43B0B81D3698"
},
{
"criteria": "cpe:2.3:a:mambo:mambo_site_server:4.0.12_beta:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8D336F35-29A5-4937-AFD9-A270FBBCAF41"
},
{
"criteria": "cpe:2.3:a:mambo:mambo_site_server:4.0.12_beta_2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "99ECD749-5ACB-4322-9176-E2818A375507"
},
{
"criteria": "cpe:2.3:a:mambo:mambo_site_server:4.0.12_rc1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "93111FE2-AB73-41D4-96B8-6C6FD1C36708"
},
{
"criteria": "cpe:2.3:a:mambo:mambo_site_server:4.0.12_rc2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F6FA85FE-1057-4BA8-B706-7590290E7BA5"
},
{
"criteria": "cpe:2.3:a:mambo:mambo_site_server:4.0.12_rc3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C4800B71-007D-41C8-8450-EF06D7920E50"
},
{
"criteria": "cpe:2.3:a:mambo:mambo_site_server:4.0.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DE093E4B-37EB-4DB9-A6BD-5C22251E6F88"
}
],
"operator": "OR"
}
]
}
]