OpenCVE

Multiple PHP remote file inclusion vulnerabilities in the Rssxt component for Joomla! (com_rssxt), possibly 2.0 Beta 1 or 1.0 and earlier, allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter in (1) pinger.php, (2) RPC.php, or (3) rssxt.php. NOTE: another researcher has disputed this issue, saying that the attacker can not control this parameter. In addition, as of 20060825, the original researcher has appeared to be unreliable with some other past reports. CVE has not performed any followup analysis with respect to this issue

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Joomla	Rssxt Component

Configuration 1 [-]

OR	cpe:2.3:a:joomla:rssxt_component::::::::
	cpe:2.3:a:joomla:rssxt_component:1.0:::::::*

No data.

References

Link	Providers
http://securityreason.com/securityalert/1456
http://www.osvdb.org/28096
http://www.securityfocus.com/archive/1/443628/100/100/threaded
http://www.securityfocus.com/archive/1/444058/100/100/threaded
http://www.securityfocus.com/bid/19593

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-08-26T01:00:00

Updated: 2024-08-07T19:06:07.631Z

Reserved: 2006-08-25T00:00:00

Link: CVE-2006-4378

Vulnrichment

No data.

NVD

Status : Modified

Published: 2006-08-26T21:04:00.000

Modified: 2024-11-21T00:15:48.897

Link: CVE-2006-4378

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-08-18T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple PHP remote file inclusion vulnerabilities in the Rssxt component for Joomla! (com_rssxt), possibly 2.0 Beta 1 or 1.0 and earlier, allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter in (1) pinger.php, (2) RPC.php, or (3) rssxt.php. NOTE: another researcher has disputed this issue, saying that the attacker can not control this parameter. In addition, as of 20060825, the original researcher has appeared to be unreliable with some other past reports. CVE has not performed any followup analysis with respect to this issue"}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-17T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "19593", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/19593"}, {"name": "28096", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/28096"}, {"name": "20060818 Joomla Rssxt <= 1.0 Remote File Include Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/443628/100/100/threaded"}, {"name": "1456", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/1456"}, {"name": "20060818 Re: Joomla Rssxt <= 1.0 Remote File Include Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/444058/100/100/threaded"}], "tags": ["disputed"], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-4378", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in the Rssxt component for Joomla! (com_rssxt), possibly 2.0 Beta 1 or 1.0 and earlier, allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter in (1) pinger.php, (2) RPC.php, or (3) rssxt.php. NOTE: another researcher has disputed this issue, saying that the attacker can not control this parameter. In addition, as of 20060825, the original researcher has appeared to be unreliable with some other past reports. CVE has not performed any followup analysis with respect to this issue."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "19593", "refsource": "BID", "url": "http://www.securityfocus.com/bid/19593"}, {"name": "28096", "refsource": "OSVDB", "url": "http://www.osvdb.org/28096"}, {"name": "20060818 Joomla Rssxt <= 1.0 Remote File Include Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/443628/100/100/threaded"}, {"name": "1456", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/1456"}, {"name": "20060818 Re: Joomla Rssxt <= 1.0 Remote File Include Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/444058/100/100/threaded"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T19:06:07.631Z"}, "title": "CVE Program Container", "references": [{"name": "19593", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/19593"}, {"name": "28096", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/28096"}, {"name": "20060818 Joomla Rssxt <= 1.0 Remote File Include Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/443628/100/100/threaded"}, {"name": "1456", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/1456"}, {"name": "20060818 Re: Joomla Rssxt <= 1.0 Remote File Include Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/444058/100/100/threaded"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-4378", "datePublished": "2006-08-26T01:00:00", "dateReserved": "2006-08-25T00:00:00", "dateUpdated": "2024-08-07T19:06:07.631Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:joomla:rssxt_component:*:*:*:*:*:*:*:*", "matchCriteriaId": "4BDB453C-598C-46B5-9A58-EF3B7AF55B79", "versionEndIncluding": "2.0_beta_1", "vulnerable": true}, {"criteria": "cpe:2.3:a:joomla:rssxt_component:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "403550AF-3773-4C5A-92C4-74C091C65FFE", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [{"sourceIdentifier": "cve@mitre.org", "tags": ["disputed"]}], "descriptions": [{"lang": "en", "value": "Multiple PHP remote file inclusion vulnerabilities in the Rssxt component for Joomla! (com_rssxt), possibly 2.0 Beta 1 or 1.0 and earlier, allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter in (1) pinger.php, (2) RPC.php, or (3) rssxt.php. NOTE: another researcher has disputed this issue, saying that the attacker can not control this parameter. In addition, as of 20060825, the original researcher has appeared to be unreliable with some other past reports. CVE has not performed any followup analysis with respect to this issue"}, {"lang": "es", "value": "** IMPUGNADA ** M\u00faltiples vulnerabilidades de inclusi\u00f3n remota de archivo en PHP en el componente Rssxt para Joomla! (com_rssxt), posiblemente 2.0 Beta 1 o 1.0 y anteriores, permiten a atacantes remotos ejecutar c\u00f3digo PHP de su elecci\u00f3n mediante una URL en el par\u00e1metro mosConfig_absolute_path en (1) pinger.php, (2) RPC.php, o (3) rssxt.php. NOTA: otro investigador ha impugnado este problema, diciendo que el atacante no puede controlar este par\u00e1metro. Adem\u00e1s, a fecha de 25/8/2006, el investigador original se ha mostrado poco fiable seg\u00fan algunos reportes anteriores. CVE no ha realizado ning\u00fan an\u00e1lisis de seguimiento con respecto a este problema."}], "id": "CVE-2006-4378", "lastModified": "2024-11-21T00:15:48.897", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-08-26T21:04:00.000", "references": [{"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/1456"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/28096"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/443628/100/100/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/444058/100/100/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/19593"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/1456"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/28096"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/443628/100/100/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/444058/100/100/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/19593"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}