Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mambo-foundation mambo 4.6.5 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2011-3754
Mambo 4.6.5 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/sef.php and certain other files.
Mambo-foundation Mambo 4.6.5
2.1
CVSSv2
CVE-2013-2562
Mambo CMS 4.6.5 stores the MySQL database password in cleartext in the document root, which allows local users to obtain sensitive information via unspecified vectors.
Mambo-foundation Mambo Cms 4.6.5
2.1
CVSSv2
CVE-2013-2563
Mambo CMS 4.6.5 uses world-readable permissions on configuration.php, which allows local users to obtain the admin password hash by reading the file.
Mambo-foundation Mambo Cms 4.6.5
5
CVSSv2
CVE-2013-2564
Mambo CMS 4.6.5 allows remote malicious users to cause a denial of service (memory and bandwidth consumption) by uploading a crafted file.
Mambo-foundation Mambo Cms 4.6.5
5
CVSSv2
CVE-2013-2565
A vulnerability in Mambo CMS v4.6.5 where the scripts thumbs.php, editorFrame.php, editor.php, images.php, manager.php discloses the root path of the webserver.
Mambo-foundation Mambo Cms 4.6.5
7.5
CVSSv2
CVE-2011-2917
SQL injection vulnerability in administrator/index2.php in Mambo CMS 4.6.5 and previous versions allows remote malicious users to execute arbitrary SQL commands via the zorder parameter.
Mambo-foundation Mambo 4.6.4
Mambo-foundation Mambo 4.6.2
Mambo-foundation Mambo 4.6.1
Mambo-foundation Mambo 4.6
Mambo-foundation Mambo
Mambo-foundation Mambo 4.6.3
1 EDB exploit
4.3
CVSSv2
CVE-2011-2499
Mambo CMS up to and including 4.6.5 has multiple XSS.
Mambo-foundation Mambo Cms
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started