2006-3774 | perForms Component performs.php code injection (BID-18968 / XFDB-27724)
CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
---|---|---|
7.3 | $0-$5k | 0.00 |
A vulnerability classified as critical was found in perForms Component up to 1.0 on Joomla (Joomla Component). It affects an unknown function of the file performs.php. Manipulating the argument mosConfig_absolute_path with an unknown input leads to a privilege escalation vulnerability. The CWE definition for the vulnerability is CWE-94. The impact is known to affect confidentiality, integrity, and availability.
The bug was discovered on 07/13/2006. The weakness was published on 07/24/2006 as a posting of type "not defined" (Bugtraq). The advisory is shared at securityfocus.com. This vulnerability has been known as CVE-2006-3774 since 07/21/2006. The attack can be launched remotely. Exploitation does not require any form of authentication. Technical details and a public exploit are known.
The exploit is declared as proof-of-concept. It is possible to download the exploit at securityfocus.com. The vulnerability was handled as a non-public zero-day exploit for at least 2 days. During that time the estimated underground price was around $0-$5k. The vulnerability scanner Nessus provides a plugin with the ID 22049 (Mambo / Joomla! Component / Module ‘mosConfig_absolute_path’ Multiple Parameter Remote File Include Vulnerabilities), which helps to determine the existence of the flaw in a target environment. It is assigned to the family CGI abuses and runs in the remote context.
Upgrading eliminates this vulnerability.
The vulnerability is also documented in the databases at SecurityFocus (BID 18968), X-Force (27724), Secunia (SA21044), SecurityTracker (ID 1016498) and Vulnerability Center (SBV-12292). Similar entries are available at 31637, 31587, 31585 and 31510.
VulDB Meta Base Score: 8.1
VulDB Meta Temp Score: 7.3
VulDB Base Score: 8.1
VulDB Temp Score: 7.3
Class: Privilege escalation
CWE: CWE-94
ATT&CK: Unknown
Local: No
Remote: Yes
Access: Public
Status: Proof-of-Concept
Nessus ID: 22049
Nessus Name: Mambo / Joomla! Component / Module ‘mosConfig_absolute_path’ Multiple Parameter Remote File Include Vulnerabilities
Recommended: Upgrade
Upgrade: securityfocus.com
07/13/2006
07/13/2006
07/13/2006
07/14/2006
07/14/2006
07/15/2006
07/17/2006
07/21/2006
07/24/2006
07/24/2006
03/12/2015
08/11/2017
07/12/2021
Advisory: securityfocus.com
Status: Not defined
CVE: CVE-2006-3774
SecurityFocus: 18968 – PerForms Performs.PHP Remote File Include Vulnerability
Secunia: 21044 – Mambo / Joomla perForms "mosConfig_absolute_path" File Inclusion, Highly Critical
X-Force: 27724
SecurityTracker: 1016498
Vulnerability Center: 12292 – Joomla! PerForms Component Remote File Inclusion Vulnerability, High
OSVDB: 27428 – PerForms – Performs.PHP – Remote File Include Issue
Vupen: ADV-2006-2786
scip Labs: https://www.scip.ch/en/?labs.20161013
Created: 03/12/2015 14:25
Updated: 07/12/2021 20:04
Changes: (2) source_exploitdb vulnerability_cvss2_nvd_basescore