2008-7215 | Mambo connector.php input validation (BID-27472 / XFDB-39986)

CVSS Meta Temp Score: 6.2
Current Exploit Price (≈): $0-$5k
CTI Interest Score: 0.10

A vulnerability classified as critical was found in Mambo 4.6.2/4.6.3 (Content Management System). It affects an unknown code block of the file connectors/php/connector.php. Manipulation of the argument _FILES with unknown input leads to privilege escalation. The issue is classified as CWE-20 (improper input validation). It impacts integrity and availability.

The weakness was published on 01/28/2008 (website). The advisory is available at securityfocus.com. The vulnerability has been uniquely identified as CVE-2008-7215 since 09/11/2009. The attack can be initiated remotely, and no authentication is needed for exploitation. Technical details and an exploit are known.

An exploit has been disclosed and is rated as proof-of-concept; it is available for download at exploit-db.com. The vulnerability scanner Nessus provides plugin ID 30110 (Mambo MOStlyCE Mambot Arbitrary File Rename), which detects the presence of the flaw in a target environment. The plugin belongs to the family CGI abuses.

No countermeasures are known. Replacing the affected product with an alternative may be the only option.

The vulnerability is also documented in the databases at X-Force (39986), Vulnerability Center (SBV-17538), Tenable (30110) and Exploit-DB (4845). Entries connected to this vulnerability are available at 49970, 49969 and 49968.



VulDB Meta Base Score: 6.5
VulDB Meta Temp Score: 6.2

VulDB Base Score: 6.5
VulDB Temp Score: 6.2

Class: Privilege escalation
ATT&CK: Unknown

Local: No
Remote: Yes

Status: Proof-of-Concept

Nessus ID: 30110
Nessus Name: Mambo MOStlyCE Mambot Arbitrary File Rename
Nessus Family: CGI abuses

Exploit-DB: 4845

Recommended: no mitigation known

Advisory: securityfocus.com
Status: Not defined

CVE: CVE-2008-7215
X-Force: 39986
Vulnerability Center: 17538 – Mambo MOStlyCE Vulnerability Allows Remote Attackers to Delete Files and Cause DoS, Medium
SecurityFocus: 27472 – Mambo MOStlyCE Module Image Manager Utility Arbitrary File Upload Vulnerability
Secunia: 28670 – Mambo Multiple Vulnerabilities, Moderately Critical
OSVDB: 42532 – MOStlyCE for Mambo connectors/php/connector.php Command Variable Absolute Path Arbitrary File Deletion
Vupen: ADV-2008-0325

scip Labs: https://www.scip.ch/en/?labs.20161013

Created: 03/18/2015 15:15
Updated: 08/22/2021 13:26
Changes: (4) source_nessus_risk source_exploitdb exploit_price_0day vulnerability_cvss2_nvd_basescore

