Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mambo mambo vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-3263
SQL injection vulnerability in the Weblinks module (weblinks.php) in Mambo 4.6rc1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the catid parameter.
Mambo Mambo
NA
CVE-2005-0512
PHP remote file inclusion vulnerability in Tar.php in Mambo 4.5.2 allows remote malicious users to execute arbitrary PHP code by modifying the mosConfig_absolute_path parameter to reference a URL on a remote web server that contains the code, a different vulnerability than CVE-20...
Mambo Mambo
NA
CVE-2007-0789
SQL injection vulnerability in Mambo prior to 4.5.5 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors in cancel edit functions, possibly related to the id parameter.
Mambo Mambo
NA
CVE-2006-3736
PHP remote file inclusion vulnerability in core/videodb.class.xml.php in the VideoDB component for Mambo 0.3 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Mambo Videodb 0.1
Mambo Videodb 0.2
Mambo Videodb 0.3
1 EDB exploit
NA
CVE-2008-0510
SQL injection vulnerability in index.php in the Newsletter (com_newsletter) component for Mambo 4.5 and Joomla! allows remote malicious users to execute arbitrary SQL commands via the listid parameter.
Joomla Com Newsletter
Mambo Com Newsletter
Mambo Mambo 4.5
1 EDB exploit
NA
CVE-2006-0871
Directory traversal vulnerability in the _setTemplate function in Mambo 4.5.3, 4.5.3h, and possibly earlier versions allows remote malicious users to read and include arbitrary files via the mos_change_template parameter. NOTE: CVE-2006-1794 has been assigned to the SQL injection...
Mambo Mambo 4.5.3h
1 EDB exploit
NA
CVE-2008-2497
CRLF injection vulnerability in Mambo prior to 4.6.4 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
Mambo-foundation Mambo
NA
CVE-2007-2557
MOStlyDB Admin in Mambo 4.6.1 does not properly check privileges, which allows remote authenticated administrators to have an unknown impact via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Mambo Mambo 4.6.1
NA
CVE-2007-6455
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Mambo 4.6.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) Itemid parameter in a com_frontpage option and the (2) option parameter.
Mambo Mambo 4.6.2
1 EDB exploit
NA
CVE-2004-2143
SQL injection vulnerability in the ReMOSitory Server add-on module to Mambo Portal 4.5.1 (1.09) and previous versions allows remote malicious users to execute arbitrary SQL commands via the filecatid parameter in the com_remository option.
Mambo Mambo Portal
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
hard-coded
CVE-2024-27202
NULL pointer dereference
CVE-2024-28075
CVE-2024-33608
CVE-2024-28889
CVE-2024-34572
template injection
CVE-2024-34351
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »