Mambo: possible remote file inclusion using mosConfig_absolute_path


Description   By supplying a crafted value for the mosConfig_absolute_path parameter, a malicious user might be able to make the server include a remote file, and therefore execute code.
     
Default configuration

Profiles      High    Medium  Low     Internet
Action        Block   Block   Block   Block
Alarm Level   Minor   Minor   Minor   Minor
     
References   Bugtraq: 12608
Bugtraq: 15461
     
Available since   ASQ v3.2.0
     
Protects   JoomlaPack for Joomla "mosConfig_absolute_path" PHP File Inclusion Vulnerability
AutoStand for Joomla "mosConfig_absolute_path" Remote File Inclusion Vulnerability
MOSMedia Lite for Mambo "mosConfig_absolute_path" PHP File Inclusion Vulnerabilities
zOOm Media Gallery for Mambo "mosConfig_absolute_path" File Inclusion Vulnerability
TaskHopper for Joomla "mosConfig_absolute_path" PHP File Inclusion Vulnerabilities
FlatMenu "mosConfig_absolute_path" Parameter Remote File Inclusion Vulnerability
swMenuFree "mosConfig_absolute_path" Parameter Remote File Inclusion Vulnerability
NFN Address Book for Mambo "mosConfig_absolute_path" File Inclusion Vulnerability
VisoHotlink "mosConfig_absolute_path" Parameter Remote File Inclusion Vulnerability
Shambo2 for Mambo "mosConfig_absolute_path" File Inclusion Vulnerability
MambWeather for Mambo "mosConfig_absolute_path" File Inclusion Vulnerability
Serverstat for Mambo "mosConfig_absolute_path" PHP File Inclusion Vulnerability
Community Builder for Joomla "mosConfig_absolute_path" File Inclusion Vulnerability
JIM Component for Joomla "mosConfig_absolute_path" Remote File Inclusion Vulnerability
MambelFish Component for Mambo "mosConfig_absolute_path" File Inclusion Vulnerability
a6MamboCredits Component for Mambo "mosConfig_absolute_path" File Inclusion Vulnerability
Coppermine Component for Mambo "mosConfig_absolute_path" File Inclusion Vulnerability
MMP Component for Mambo "mosConfig_absolute_path" Remote File Inclusion Vulnerability
PeopleBook Component for Mambo "mosConfig_absolute_path" File Inclusion Vulnerability
Remository Component for Mambo "mosConfig_absolute_path" File Inclusion Vulnerabilities
JD-Wiki Component for Joomla "mosConfig_absolute_path" Remote File Inclusion Vulnerability
LMO Component for Joomla "mosConfig_absolute_path" PHP File Inclusion Vulnerability
Security Images Component for Joomla "mosConfig_absolute_path" File Inclusion Issue
Colophon Component for Joomla "mosConfig_absolute_path" File Inclusion Vulnerability
UHP Component for Mambo and Joomla "mosConfig_absolute_path" File Inclusion Vulnerability
Mambatstaff Component for Mambo "mosConfig_absolute_path" File Inclusion Vulnerability
Gallery Manager (MGM) for Mambo "mosConfig_absolute_path" File Inclusion Vulnerability
Mam-moodle Component for Mambo "mosConfig_absolute_path" File Inclusion Vulnerability
MultiBanners Component for Mambo "mosConfig_absolute_path" File Inclusion Vulnerability
Mambo-SMF Forum Component for Mambo "mosConfig_absolute_path" File Inclusion Vulnerability
VideoDB Component for Mambo "mosConfig_absolute_path" Remote File Inclusion Vulnerability
LoudMouth Component for Mambo "mosConfig_absolute_path" PHP File Inclusion Vulnerability
PollXT Component for Joomla! "mosConfig_absolute_path" Remote File Inclusion Vulnerability
Joomlaboard Component for Joomla! "mosConfig_absolute_path" File Inclusion Vulnerability
SiteMap Component for Mambo "mosConfig_absolute_path" PHP File Inclusion Vulnerability
Hashcash Component for Joomla! "mosConfig_absolute_path" File Inclusion Vulnerability
perForms Component for Joomla! "mosConfig_absolute_path" File Inclusion Vulnerability
PcCookBook Component for Joomla! "mosConfig_absolute_path" File Inclusion Issue
ExtCalendar Module for Mambo "mosConfig_absolute_path" File Inclusion Vulnerability
Galleria Module for Mambo "mosConfig_absolute_path" File Inclusion Vulnerability
RsGallery2 for Joomla! "mosConfig_absolute_path" PHP File Inclusion Vulnerabilities
Mambo "mosConfig_absolute_path" Remote File Inclusion Vulnerability
100 last CVE   CVE-2007-2319
CVE-2007-2144
CVE-2007-2043
CVE-2007-2042
CVE-2007-2005
CVE-2007-1992
CVE-2007-1702
CVE-2007-1699
CVE-2007-1596
CVE-2007-0489
CVE-2006-6962
CVE-2006-6049
CVE-2006-5519
CVE-2006-5048
CVE-2006-5043
CVE-2006-4858
CVE-2006-4321
CVE-2006-4288
CVE-2006-4270
CVE-2006-4242
CVE-2006-4203
CVE-2006-4195
CVE-2006-4130
CVE-2006-4074
CVE-2006-3995
CVE-2006-3981
CVE-2006-3980
CVE-2006-3970
CVE-2006-3969
CVE-2006-3951
CVE-2006-3947
CVE-2006-3846
CVE-2006-3774
CVE-2006-3773
CVE-2006-3750
CVE-2006-3749
CVE-2006-3748
CVE-2006-3736
CVE-2006-3556
CVE-2006-3530
CVE-2006-3396
CVE-2005-3738

Risk level   Moderate