Unrated severityNVD Advisory· Published Jul 3, 2006· Updated Jun 16, 2026
CVE-2006-3340
CVE-2006-3340
Description
Multiple PHP remote file inclusion vulnerabilities in Pearl For Mambo module 1.6 for Mambo, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via the (1) phpbb_root_path parameter in (a) includes/functions_cms.php and the (2) GlobalSettings[templatesDirectory] parameter in multiple files in the "includes" directory including (b) adminSensored.php, (c) adminBoards.php, (d) adminAttachments.php, (e) adminAvatars.php, (f) adminBackupdatabase.php, (g) adminBanned.php, (h) adminForums.php, (i) adminPolls.php, (j) adminSmileys.php, (k) poll.php, and (l) move.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:pearlinger:pearl_for_mambo:1.5:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:pearlinger:pearl_for_mambo:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:pearlinger:pearl_for_mambo:1.6:*:*:*:*:*:*:*
- Range: =1.6
Patches
Vulnerability mechanics
References
15- www.securityfocus.com/bid/18690nvdExploit
- secunia.com/advisories/20819nvdVendor Advisory
- www.osvdb.org/27168nvd
- www.osvdb.org/27169nvd
- www.osvdb.org/27170nvd
- www.osvdb.org/27171nvd
- www.osvdb.org/27172nvd
- www.osvdb.org/27173nvd
- www.osvdb.org/27174nvd
- www.osvdb.org/27175nvd
- www.osvdb.org/27176nvd
- www.osvdb.org/27177nvd
- www.osvdb.org/27178nvd
- www.vupen.com/english/advisories/2006/2561nvd
- www.exploit-db.com/exploits/1956nvd
News mentions
0No linked articles in our index yet.