Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mambo-foundation mambo vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2011-2917
SQL injection vulnerability in administrator/index2.php in Mambo CMS 4.6.5 and previous versions allows remote malicious users to execute arbitrary SQL commands via the zorder parameter.
Mambo-foundation Mambo 4.6.4
Mambo-foundation Mambo 4.6.2
Mambo-foundation Mambo 4.6.1
Mambo-foundation Mambo 4.6
Mambo-foundation Mambo
Mambo-foundation Mambo 4.6.3
1 EDB exploit
516
VMScore
CVE-2008-7215
The Image Manager in MOStlyCE prior to 2.4, as used in Mambo 4.6.3 and previous versions, allows remote malicious users to rename arbitrary files and cause a denial of service via modified file[NewFile][name], file[NewFile][tmp_name], and file[NewFile][size] parameters in a FileU...
Mambo-foundation Mambo
Mambo-foundation Mambo 4.6.2
Brilaps Mostlyce
605
VMScore
CVE-2008-7214
Cross-site request forgery (CSRF) vulnerability in administrator/index2.php in MOStlyCE prior to 2.4, as used in Mambo 4.6.3 and previous versions, allows remote malicious users to hijack the authentication of administrators for requests that add new administrator accounts via th...
Mambo-foundation Mambo
Mambo-foundation Mambo 4.6.2
Brilaps Mostlyce
445
VMScore
CVE-2008-7212
MOStlyCE prior to 2.4, as used in Mambo 4.6.3 and previous versions, allows remote malicious users to obtain sensitive information via certain requests to mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php, which reveals the installation path in a...
Mambo-foundation Mambo
Mambo-foundation Mambo 4.6.2
Brilaps Mostlyce
435
VMScore
CVE-2008-7213
Cross-site scripting (XSS) vulnerability in mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php in MOStlyCE prior to 2.4, as used in Mambo 4.6.3 and previous versions, allows remote malicious users to inject arbitrary web script or HTML via the Com...
Mambo-foundation Mambo
Mambo-foundation Mambo 4.6.2
Brilaps Mostlyce
1 EDB exploit
668
VMScore
CVE-2008-2498
Multiple SQL injection vulnerabilities in index.php in Mambo prior to 4.6.4, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) articleid and (2) mcname parameters. NOTE: some of these details are obtained from third part...
Mambo-foundation Mambo
445
VMScore
CVE-2008-2497
CRLF injection vulnerability in Mambo prior to 4.6.4 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
Mambo-foundation Mambo
383
VMScore
CVE-2011-2499
Mambo CMS up to and including 4.6.5 has multiple XSS.
Mambo-foundation Mambo Cms
445
VMScore
CVE-2011-3754
Mambo 4.6.5 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/sef.php and certain other files.
Mambo-foundation Mambo 4.6.5
445
VMScore
CVE-2013-2564
Mambo CMS 4.6.5 allows remote malicious users to cause a denial of service (memory and bandwidth consumption) by uploading a crafted file.
Mambo-foundation Mambo Cms 4.6.5
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »