NVD

Id
69376  
Name
CVE-2005-3738  
Description
globals.php in Mambo Site Server 4.0.14 and earlier, when register_globals is disabled, allows remote attackers to overwrite variables in the GLOBALS array and conduct various attacks, as demonstrated using the mosConfig_absolute_path parameter to content.html.php for remote PHP file inclusion.  
Reject
 
CVSS Version
2  
CVSS Score
2.6  
Severity
Low  
CVSS Base Score
2.6  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
4.9  
CVSS Vector
(AV:N/AC:H/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-03  
Published
2005-11-22  
Modified Date
2011-03-07  
Seq
2005-3738  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
358746 69376 CVE-2005-3738 20051116 mambo remote code sexecution  View
358747 69376 CVE-2005-3738 http://forum.mamboserver.com/showthread.php?t=66154  View
358748 69376 CVE-2005-3738 1015258  View
358749 69376 CVE-2005-3738 20051118 Mambo 0day Exploit out in the wild - mambo/skype hacked  View
358750 69376 CVE-2005-3738 20060307 PHP-based CMS mass-exploitation  View
358751 69376 CVE-2005-3738 20060308 RE: [Full-disclosure] PHP-based CMS mass-exploitation  View
358752 69376 CVE-2005-3738 15461  View
358753 69376 CVE-2005-3738 ADV-2005-2473  View

Related JVN