CVE-2006-1794
Mambo < 4.5.3h - SQL Injection via mosGetParam and mosMenuCheck Functions
Title source: llm
Exploitation Summary
EIP tracks 1 public exploit for CVE-2006-1794.
AI-analyzed exploit summary: This is a detailed technical analysis of multiple vulnerabilities in Mambo CMS, including SQL injection, authentication bypass, and local file inclusion. It provides code snippets, exploitation techniques, and mitigation advice.
Description
SQL injection vulnerability in Mambo 4.5.3, 4.5.3h, and possibly earlier versions allows remote attackers to execute arbitrary SQL commands via (1) the $username variable in the mosGetParam function and (2) the $task parameter in the mosMenuCheck function in (a) includes/mambo.php; and (3) the $filter variable to the showCategory function in the com_content component (content.php).