Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mambo mambo vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-0789
SQL injection vulnerability in Mambo prior to 4.5.5 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors in cancel edit functions, possibly related to the id parameter.
Mambo Mambo
NA
CVE-2006-3262
SQL injection vulnerability in the Weblinks module (weblinks.php) in Mambo 4.6rc1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the title parameter.
Mambo Mambo
2 EDB exploits
NA
CVE-2006-3263
SQL injection vulnerability in the Weblinks module (weblinks.php) in Mambo 4.6rc1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the catid parameter.
Mambo Mambo
NA
CVE-2006-3736
PHP remote file inclusion vulnerability in core/videodb.class.xml.php in the VideoDB component for Mambo 0.3 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Mambo Videodb 0.1
Mambo Videodb 0.2
Mambo Videodb 0.3
1 EDB exploit
NA
CVE-2008-0510
SQL injection vulnerability in index.php in the Newsletter (com_newsletter) component for Mambo 4.5 and Joomla! allows remote malicious users to execute arbitrary SQL commands via the listid parameter.
Joomla Com Newsletter
Mambo Com Newsletter
Mambo Mambo 4.5
1 EDB exploit
NA
CVE-2004-2143
SQL injection vulnerability in the ReMOSitory Server add-on module to Mambo Portal 4.5.1 (1.09) and previous versions allows remote malicious users to execute arbitrary SQL commands via the filecatid parameter in the com_remository option.
Mambo Mambo Portal
1 EDB exploit
NA
CVE-2007-6455
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Mambo 4.6.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) Itemid parameter in a com_frontpage option and the (2) option parameter.
Mambo Mambo 4.6.2
1 EDB exploit
NA
CVE-2004-1693
PHP remote file inclusion vulnerability in Function.php in Mambo 4.5 (1.0.9) allows remote malicious users to execute arbitrary PHP code by modifying the mosConfig_absolute_path parameter to reference a URL on a remote web server that contains the code.
Mambo Mambo 4.5 1.0.9
1 EDB exploit
NA
CVE-2006-0871
Directory traversal vulnerability in the _setTemplate function in Mambo 4.5.3, 4.5.3h, and possibly earlier versions allows remote malicious users to read and include arbitrary files via the mos_change_template parameter. NOTE: CVE-2006-1794 has been assigned to the SQL injection...
Mambo Mambo 4.5.3h
1 EDB exploit
NA
CVE-2007-2557
MOStlyDB Admin in Mambo 4.6.1 does not properly check privileges, which allows remote authenticated administrators to have an unknown impact via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Mambo Mambo 4.6.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »