A remote file inclusion vulnerability is present in Mambo. /includes/Cache/Lite/Output.php doesn't sanitize the $mosConfig_absolute_path before using it in an include.
CVE Link
Exploit Type - Old
Exploits/Remote File Inclusion/Known Vulnerabilities
Exploit Type
Product Name