Unrated severityNVD Advisory· Published Aug 26, 2006· Updated Jun 16, 2026
CVE-2006-4372
CVE-2006-4372
Description
PHP remote file inclusion vulnerability in admin.lurm_constructor.php in the Lurm Constructor component (com_lurm_constructor) 0.6b and earlier for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the lm_absolute_path parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:constructor_component:constructor_component:*:*:*:*:*:*:*:*Range: <=0.6b
- Range: <= 0.6b
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.