Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

mambo mambo 4.5.3h vulnerabilities and exploits

(subscribe to this query)
6.4
CVSSv2
CVE-2006-0871
Directory traversal vulnerability in the _setTemplate function in Mambo 4.5.3, 4.5.3h, and possibly earlier versions allows remote malicious users to read and include arbitrary files via the mos_change_template parameter. NOTE: CVE-2006-1794 has been assigned to the SQL injection...
Mambo Mambo 4.5.3h
5
CVSSv2
CVE-2006-1956
The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows remote malicious users to obtain sensitive information via an invalid feed parameter, which reveals the path in an error message.
Mambo Mambo 4.5.3hJoomla Joomla 1.0.7
7.6
CVSSv2
CVE-2006-1794
SQL injection vulnerability in Mambo 4.5.3, 4.5.3h, and possibly earlier versions allows remote malicious users to execute arbitrary SQL commands via (1) the $username variable in the mosGetParam function and (2) the $task parameter in the mosMenuCheck function in (a) includes/ma...
Mambo Mambo 4.0.14Mambo Mambo 4.5.2.3Mambo Mambo 4.5.3hMambo Mambo 4.5.1 1.0.9Mambo Mambo 4.5.1aMambo Mambo 4.5 1.0.0Mambo Mambo 4.5 1.0.1Mambo Mambo 4.5.2.1Mambo Mambo 4.5.2.2Mambo Mambo 4.5 1.0.3 BetaMambo MamboMambo Mambo 4.5.2Mambo Mambo 4.5 1.0.2
7.5
CVSSv2
CVE-2006-4286
PHP remote file inclusion vulnerability in contentpublisher.php in the contentpublisher component (com_contentpublisher) for Mambo allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. NOTE: this issue has been disputed by...
Mambo Mambo 4.6Mambo Mambo 4.5 1.0.1Mambo Mambo 4.5.2Mambo Mambo 4.5 1.0.3 BetaMambo Mambo 4.5.0.2Mambo Mambo 4.5.2.2Mambo Mambo 4.5.1 1.0.9Mambo Mambo 4.5.2.3Mambo Mambo 4.5.3hMambo Mambo 4.5.1aMambo Mambo 4.5 1.0.0Mambo Mambo 4.5.2.1Mambo Mambo 4.0.14Mambo Mambo 4.5.1.3Mambo Mambo 4.5 1.0.2Mambo Mambo 4.5 1.0.9
7.5
CVSSv2
CVE-2008-0517
SQL injection vulnerability in index.php in the Darko Selesi EstateAgent (com_estateagent) 0.1 component for Mambo 4.5.x and Joomla! allows remote malicious users to execute arbitrary SQL commands via the objid parameter in a contact showObject action.
Mambo Mambo 4.5.1 BetaMambo Mambo 4.5.1 Beta2Mambo Mambo 4.5.4Mambo Mambo 4.5 1.0.0Darko Selesi Estateagent 0.1Joomla JoomlaMambo Mambo 4.5.1aMambo Mambo 4.5.2Mambo Mambo 4.5 1.0.1Mambo Mambo 4.5 1.0.2Mambo Mambo 4.5.1.3Mambo Mambo 4.5.1 1.0.9Mambo Mambo 4.5.2.3Mambo Mambo 4.5.3hMambo Mambo 4.5Mambo Mambo 4.5.0.2Mambo Mambo 4.5.2.1Mambo Mambo 4.5.2.2Mambo Mambo 4.5 1.0.3 BetaMambo Mambo 4.5 1.0.9
6.8
CVSSv2
CVE-2008-2905
PHP remote file inclusion vulnerability in includes/Cache/Lite/Output.php in the Cache_Lite package in Mambo 4.6.4 and previous versions, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path paramet...
Mambo Mambo 4.5.1.3Mambo Mambo 4.5.1 1.0.9Mambo Mambo 4.5.3hMambo Mambo 4.5.4Mambo Mambo 4.6.1Mambo Mambo 4.6.2Mambo Mambo 4.0.14Mambo Mambo 4.5.1aMambo Mambo 4.5.2Mambo Mambo 4.5.2.1Mambo Mambo 4.5 1.0.2Mambo Mambo 4.5 1.0.3 BetaMambo Mambo 4.5.1 BetaMambo Mambo 4.5.1 Beta2Mambo Mambo 4.5 1.0.0Mambo Mambo 4.5 1.0.1Mambo Mambo 4.6.4Mambo Mambo 4.5Mambo Mambo 4.5.0.2Mambo Mambo 4.5.2.2Mambo Mambo 4.5.2.3Mambo Mambo 4.5 1.0.9
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race conditionCVE-2024-4249CVE-2024-4244CVE-2023-20198TCPCVE-2022-48648CVE-2022-48636CVE-2024-21345SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook