Unrated severityNVD Advisory· Published Jul 3, 2006· Updated Apr 16, 2026
CVE-2006-3340
CVE-2006-3340
Description
Multiple PHP remote file inclusion vulnerabilities in Pearl For Mambo module 1.6 for Mambo, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via the (1) phpbb_root_path parameter in (a) includes/functions_cms.php and the (2) GlobalSettings[templatesDirectory] parameter in multiple files in the "includes" directory including (b) adminSensored.php, (c) adminBoards.php, (d) adminAttachments.php, (e) adminAvatars.php, (f) adminBackupdatabase.php, (g) adminBanned.php, (h) adminForums.php, (i) adminPolls.php, (j) adminSmileys.php, (k) poll.php, and (l) move.php.
Affected products
2cpe:2.3:a:pearlinger:pearl_for_mambo:1.5:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:pearlinger:pearl_for_mambo:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:pearlinger:pearl_for_mambo:1.6:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
15- www.securityfocus.com/bid/18690nvdExploit
- secunia.com/advisories/20819nvdVendor Advisory
- www.osvdb.org/27168nvd
- www.osvdb.org/27169nvd
- www.osvdb.org/27170nvd
- www.osvdb.org/27171nvd
- www.osvdb.org/27172nvd
- www.osvdb.org/27173nvd
- www.osvdb.org/27174nvd
- www.osvdb.org/27175nvd
- www.osvdb.org/27176nvd
- www.osvdb.org/27177nvd
- www.osvdb.org/27178nvd
- www.vupen.com/english/advisories/2006/2561nvd
- www.exploit-db.com/exploits/1956nvd
News mentions
0No linked articles in our index yet.