Unrated severityNVD Advisory· Published Sep 19, 2006· Updated Jun 16, 2026
CVE-2006-4858
CVE-2006-4858
Description
PHP remote file inclusion vulnerability in install.serverstat.php in the Serverstat (com_serverstat) 0.4.4 and earlier component for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:mamboxchange:serverstat_component:*:*:*:*:*:*:*:*Range: <=0.4.4
Patches
Vulnerability mechanics
References
7- www.securityfocus.com/bid/20018nvdExploit
- secunia.com/advisories/21943nvdVendor Advisory
- securityreason.com/securityalert/1598nvd
- www.securityfocus.com/archive/1/446110/100/0/threadednvd
- www.vupen.com/english/advisories/2006/3610nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/28959nvd
- www.exploit-db.com/exploits/2367nvd
News mentions
0No linked articles in our index yet.