{
    "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2006-3990",
        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "n/a",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "n/a"
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "n/a"
                }
            ]
        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "Multiple PHP remote file inclusion vulnerabilities in Paul M. Jones Savant2, possibly when used with the com_mtree component for Mambo and Joomla!, allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter in (1) Savant2_Plugin_stylesheet.php, (2) Savant2_Compiler_basic.php, (3) Savant2_Error_pear.php, (4) Savant2_Error_stack.php, (5) Savant2_Filter_colorizeCode.php, (6) Savant2_Filter_trimwhitespace.php, (7) Savant2_Plugin_ahref.php, (8) Savant2_Plugin_ahrefcontact.php, (9) Savant2_Plugin_ahreflisting.php, (10) Savant2_Plugin_ahreflistingimage.php, (11) Savant2_Plugin_ahrefmap.php, (12) Savant2_Plugin_ahrefownerlisting.php, (13) Savant2_Plugin_ahrefprint.php, (14) Savant2_Plugin_ahrefrating.php, (15) Savant2_Plugin_ahrefrecommend.php, (16) Savant2_Plugin_ahrefreport.php, (17) Savant2_Plugin_ahrefreview.php, (18) Savant2_Plugin_ahrefvisit.php, (19) Savant2_Plugin_checkbox.php, (20) Savant2_Plugin_cycle.php, (21) Savant2_Plugin_dateformat.php, (22) Savant2_Plugin_editor.php, (23) Savant2_Plugin_form.php, (24) Savant2_Plugin_image.php, (25) Savant2_Plugin_input.php, (26) Savant2_Plugin_javascript.php, (27) Savant2_Plugin_listalpha.php, (28) Savant2_Plugin_listingname.php, (29) Savant2_Plugin_modify.php, (30) Savant2_Plugin_mtpath.php, (31) Savant2_Plugin_options.php, (32) Savant2_Plugin_radios.php, (33) Savant2_Plugin_rating.php, or (34) Savant2_Plugin_textarea.php."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "n/a"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "name": "28692",
                "refsource": "OSVDB",
                "url": "http://www.osvdb.org/28692"
            },
            {
                "name": "28682",
                "refsource": "OSVDB",
                "url": "http://www.osvdb.org/28682"
            },
            {
                "name": "28691",
                "refsource": "OSVDB",
                "url": "http://www.osvdb.org/28691"
            },
            {
                "name": "1016560",
                "refsource": "SECTRACK",
                "url": "http://securitytracker.com/id?1016560"
            },
            {
                "name": "28706",
                "refsource": "OSVDB",
                "url": "http://www.osvdb.org/28706"
            },
            {
                "name": "28700",
                "refsource": "OSVDB",
                "url": "http://www.osvdb.org/28700"
            },
            {
                "name": "28690",
                "refsource": "OSVDB",
                "url": "http://www.osvdb.org/28690"
            },
            {
                "name": "28693",
                "refsource": "OSVDB",
                "url": "http://www.osvdb.org/28693"
            },
            {
                "name": "28704",
                "refsource": "OSVDB",
                "url": "http://www.osvdb.org/28704"
            },
            {
                "name": "1324",
                "refsource": "SREASON",
                "url": "http://securityreason.com/securityalert/1324"
            },
            {
                "name": "28679",
                "refsource": "OSVDB",
                "url": "http://www.osvdb.org/28679"
            },
            {
                "name": "28699",
                "refsource": "OSVDB",
                "url": "http://www.osvdb.org/28699"
            },
            {
                "name": "28686",
                "refsource": "OSVDB",
                "url": "http://www.osvdb.org/28686"
            },
            {
                "name": "28709",
                "refsource": "OSVDB",
                "url": "http://www.osvdb.org/28709"
            },
            {
                "name": "28698",
                "refsource": "OSVDB",
                "url": "http://www.osvdb.org/28698"
            },
            {
                "name": "28696",
                "refsource": "OSVDB",
                "url": "http://www.osvdb.org/28696"
            },
            {
                "name": "28697",
                "refsource": "OSVDB",
                "url": "http://www.osvdb.org/28697"
            },
            {
                "name": "28703",
                "refsource": "OSVDB",
                "url": "http://www.osvdb.org/28703"
            },
            {
                "name": "28702",
                "refsource": "OSVDB",
                "url": "http://www.osvdb.org/28702"
            },
            {
                "name": "20060721 [Kurdish Security # 13] Savant2 Remote File Include Vulnerability [For Mambo, Joomla]",
                "refsource": "BUGTRAQ",
                "url": "http://www.securityfocus.com/archive/1/440835/100/200/threaded"
            },
            {
                "name": "28710",
                "refsource": "OSVDB",
                "url": "http://www.osvdb.org/28710"
            },
            {
                "name": "28681",
                "refsource": "OSVDB",
                "url": "http://www.osvdb.org/28681"
            },
            {
                "name": "28689",
                "refsource": "OSVDB",
                "url": "http://www.osvdb.org/28689"
            },
            {
                "name": "28712",
                "refsource": "OSVDB",
                "url": "http://www.osvdb.org/28712"
            },
            {
                "name": "19151",
                "refsource": "BID",
                "url": "http://www.securityfocus.com/bid/19151"
            },
            {
                "name": "28708",
                "refsource": "OSVDB",
                "url": "http://www.osvdb.org/28708"
            },
            {
                "name": "28683",
                "refsource": "OSVDB",
                "url": "http://www.osvdb.org/28683"
            },
            {
                "name": "28684",
                "refsource": "OSVDB",
                "url": "http://www.osvdb.org/28684"
            },
            {
                "name": "28688",
                "refsource": "OSVDB",
                "url": "http://www.osvdb.org/28688"
            },
            {
                "name": "28685",
                "refsource": "OSVDB",
                "url": "http://www.osvdb.org/28685"
            },
            {
                "name": "28711",
                "refsource": "OSVDB",
                "url": "http://www.osvdb.org/28711"
            },
            {
                "name": "28687",
                "refsource": "OSVDB",
                "url": "http://www.osvdb.org/28687"
            },
            {
                "name": "28707",
                "refsource": "OSVDB",
                "url": "http://www.osvdb.org/28707"
            },
            {
                "name": "savant-multiple-plugin-file-include(27906)",
                "refsource": "XF",
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27906"
            },
            {
                "name": "28701",
                "refsource": "OSVDB",
                "url": "http://www.osvdb.org/28701"
            },
            {
                "name": "28695",
                "refsource": "OSVDB",
                "url": "http://www.osvdb.org/28695"
            },
            {
                "name": "28680",
                "refsource": "OSVDB",
                "url": "http://www.osvdb.org/28680"
            },
            {
                "name": "28705",
                "refsource": "OSVDB",
                "url": "http://www.osvdb.org/28705"
            },
            {
                "name": "28694",
                "refsource": "OSVDB",
                "url": "http://www.osvdb.org/28694"
            }
        ]
    }
}