Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mambo mambo 4.5.3h vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2006-0871
Directory traversal vulnerability in the _setTemplate function in Mambo 4.5.3, 4.5.3h, and possibly earlier versions allows remote malicious users to read and include arbitrary files via the mos_change_template parameter. NOTE: CVE-2006-1794 has been assigned to the SQL injection...
Mambo Mambo 4.5.3h
1 EDB exploit
5
CVSSv2
CVE-2006-1956
The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows remote malicious users to obtain sensitive information via an invalid feed parameter, which reveals the path in an error message.
Mambo Mambo 4.5.3h
Joomla Joomla 1.0.7
7.6
CVSSv2
CVE-2006-1794
SQL injection vulnerability in Mambo 4.5.3, 4.5.3h, and possibly earlier versions allows remote malicious users to execute arbitrary SQL commands via (1) the $username variable in the mosGetParam function and (2) the $task parameter in the mosMenuCheck function in (a) includes/ma...
Mambo Mambo 4.0.14
Mambo Mambo 4.5.2.3
Mambo Mambo 4.5.3h
Mambo Mambo 4.5.1 1.0.9
Mambo Mambo 4.5.1a
Mambo Mambo 4.5 1.0.0
Mambo Mambo 4.5 1.0.1
Mambo Mambo 4.5.2.1
Mambo Mambo 4.5.2.2
Mambo Mambo 4.5 1.0.3 Beta
Mambo Mambo
Mambo Mambo 4.5.2
Mambo Mambo 4.5 1.0.2
1 EDB exploit
7.5
CVSSv2
CVE-2006-4286
PHP remote file inclusion vulnerability in contentpublisher.php in the contentpublisher component (com_contentpublisher) for Mambo allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. NOTE: this issue has been disputed by...
Mambo Mambo 4.6
Mambo Mambo 4.5 1.0.1
Mambo Mambo 4.5.2
Mambo Mambo 4.5 1.0.3 Beta
Mambo Mambo 4.5.0.2
Mambo Mambo 4.5.2.2
Mambo Mambo 4.5.1 1.0.9
Mambo Mambo 4.5.2.3
Mambo Mambo 4.5.3h
Mambo Mambo 4.5.1a
Mambo Mambo 4.5 1.0.0
Mambo Mambo 4.5.2.1
Mambo Mambo 4.0.14
Mambo Mambo 4.5.1.3
Mambo Mambo 4.5 1.0.2
Mambo Mambo 4.5 1.0.9
7.5
CVSSv2
CVE-2008-0517
SQL injection vulnerability in index.php in the Darko Selesi EstateAgent (com_estateagent) 0.1 component for Mambo 4.5.x and Joomla! allows remote malicious users to execute arbitrary SQL commands via the objid parameter in a contact showObject action.
Mambo Mambo 4.5.1 Beta
Mambo Mambo 4.5.1 Beta2
Mambo Mambo 4.5.4
Mambo Mambo 4.5 1.0.0
Darko Selesi Estateagent 0.1
Joomla Joomla
Mambo Mambo 4.5.1a
Mambo Mambo 4.5.2
Mambo Mambo 4.5 1.0.1
Mambo Mambo 4.5 1.0.2
Mambo Mambo 4.5.1.3
Mambo Mambo 4.5.1 1.0.9
Mambo Mambo 4.5.2.3
Mambo Mambo 4.5.3h
Mambo Mambo 4.5
Mambo Mambo 4.5.0.2
Mambo Mambo 4.5.2.1
Mambo Mambo 4.5.2.2
Mambo Mambo 4.5 1.0.3 Beta
Mambo Mambo 4.5 1.0.9
1 EDB exploit
6.8
CVSSv2
CVE-2008-2905
PHP remote file inclusion vulnerability in includes/Cache/Lite/Output.php in the Cache_Lite package in Mambo 4.6.4 and previous versions, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path paramet...
Mambo Mambo 4.5.1.3
Mambo Mambo 4.5.1 1.0.9
Mambo Mambo 4.5.3h
Mambo Mambo 4.5.4
Mambo Mambo 4.6.1
Mambo Mambo 4.6.2
Mambo Mambo 4.0.14
Mambo Mambo 4.5.1a
Mambo Mambo 4.5.2
Mambo Mambo 4.5.2.1
Mambo Mambo 4.5 1.0.2
Mambo Mambo 4.5 1.0.3 Beta
Mambo Mambo 4.5.1 Beta
Mambo Mambo 4.5.1 Beta2
Mambo Mambo 4.5 1.0.0
Mambo Mambo 4.5 1.0.1
Mambo Mambo 4.6.4
Mambo Mambo 4.5
Mambo Mambo 4.5.0.2
Mambo Mambo 4.5.2.2
Mambo Mambo 4.5.2.3
Mambo Mambo 4.5 1.0.9
3 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started