CVE-2006-3396
Galleria Mambo Module <= 1.0 - Remote Code Execution via mosConfig_absolute_path Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2006-3396. PoCs published by sikunYuk.
AI-analyzed exploit summary This exploit demonstrates a Remote File Inclusion (RFI) vulnerability in galleria <= 1.0. The vulnerability allows an attacker to include and execute arbitrary remote files by manipulating the 'mosConfig_absolute_path' parameter.
Description
PHP remote file inclusion vulnerability in galleria.html.php in Galleria Mambo Module 1.0 and earlier for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Exploits (1)
This exploit demonstrates a Remote File Inclusion (RFI) vulnerability in galleria <= 1.0. The vulnerability allows an attacker to include and execute arbitrary remote files by manipulating the 'mosConfig_absolute_path' parameter.