Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mambo mambo vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2005-0512
PHP remote file inclusion vulnerability in Tar.php in Mambo 4.5.2 allows remote malicious users to execute arbitrary PHP code by modifying the mosConfig_absolute_path parameter to reference a URL on a remote web server that contains the code, a different vulnerability than CVE-20...
Mambo Mambo
6.8
CVSSv2
CVE-2007-0789
SQL injection vulnerability in Mambo prior to 4.5.5 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors in cancel edit functions, possibly related to the id parameter.
Mambo Mambo
7.5
CVSSv2
CVE-2006-3262
SQL injection vulnerability in the Weblinks module (weblinks.php) in Mambo 4.6rc1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the title parameter.
Mambo Mambo
2 EDB exploits
7.5
CVSSv2
CVE-2008-0510
SQL injection vulnerability in index.php in the Newsletter (com_newsletter) component for Mambo 4.5 and Joomla! allows remote malicious users to execute arbitrary SQL commands via the listid parameter.
Joomla Com Newsletter
Mambo Com Newsletter
Mambo Mambo 4.5
1 EDB exploit
7.5
CVSSv2
CVE-2006-3736
PHP remote file inclusion vulnerability in core/videodb.class.xml.php in the VideoDB component for Mambo 0.3 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Mambo Videodb 0.1
Mambo Videodb 0.2
Mambo Videodb 0.3
1 EDB exploit
5
CVSSv2
CVE-2008-2497
CRLF injection vulnerability in Mambo prior to 4.6.4 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
Mambo-foundation Mambo
7.5
CVSSv2
CVE-2008-2498
Multiple SQL injection vulnerabilities in index.php in Mambo prior to 4.6.4, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) articleid and (2) mcname parameters. NOTE: some of these details are obtained from third part...
Mambo-foundation Mambo
4.3
CVSSv2
CVE-2007-6455
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Mambo 4.6.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) Itemid parameter in a com_frontpage option and the (2) option parameter.
Mambo Mambo 4.6.2
1 EDB exploit
7.5
CVSSv2
CVE-2004-1693
PHP remote file inclusion vulnerability in Function.php in Mambo 4.5 (1.0.9) allows remote malicious users to execute arbitrary PHP code by modifying the mosConfig_absolute_path parameter to reference a URL on a remote web server that contains the code.
Mambo Mambo 4.5 1.0.9
1 EDB exploit
7.5
CVSSv2
CVE-2004-2143
SQL injection vulnerability in the ReMOSitory Server add-on module to Mambo Portal 4.5.1 (1.09) and previous versions allows remote malicious users to execute arbitrary SQL commands via the filecatid parameter in the com_remository option.
Mambo Mambo Portal
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »