Intrusion Prevention

Mambo.Gallery.Manager.Remote.File.Inclusion

Description

This indicates a possible attempt to exploit a File Inclusion vulnerability in Mambo Email Publisher.
The vulnerability may allow a remote attacker to execute arbitrary PHP code by sending a specially crafted URL.

Affected Products

MamboXChange Mambo eMail Publisher 1.2

Impact

System Compromise: Remote code execution.

Recommended Actions

Currently, we are not aware of any vendor supplied patches for this issue.

CVE References

CVE-2006-3980