Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mambo mambo vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2007-0789
SQL injection vulnerability in Mambo prior to 4.5.5 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors in cancel edit functions, possibly related to the id parameter.
Mambo Mambo
668
VMScore
CVE-2006-3263
SQL injection vulnerability in the Weblinks module (weblinks.php) in Mambo 4.6rc1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the catid parameter.
Mambo Mambo
668
VMScore
CVE-2005-0512
PHP remote file inclusion vulnerability in Tar.php in Mambo 4.5.2 allows remote malicious users to execute arbitrary PHP code by modifying the mosConfig_absolute_path parameter to reference a URL on a remote web server that contains the code, a different vulnerability than CVE-20...
Mambo Mambo
755
VMScore
CVE-2008-0510
SQL injection vulnerability in index.php in the Newsletter (com_newsletter) component for Mambo 4.5 and Joomla! allows remote malicious users to execute arbitrary SQL commands via the listid parameter.
Joomla Com Newsletter
Mambo Com Newsletter
Mambo Mambo 4.5
1 EDB exploit
755
VMScore
CVE-2006-3736
PHP remote file inclusion vulnerability in core/videodb.class.xml.php in the VideoDB component for Mambo 0.3 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Mambo Videodb 0.1
Mambo Videodb 0.2
Mambo Videodb 0.3
1 EDB exploit
755
VMScore
CVE-2004-2143
SQL injection vulnerability in the ReMOSitory Server add-on module to Mambo Portal 4.5.1 (1.09) and previous versions allows remote malicious users to execute arbitrary SQL commands via the filecatid parameter in the com_remository option.
Mambo Mambo Portal
1 EDB exploit
755
VMScore
CVE-2004-1693
PHP remote file inclusion vulnerability in Function.php in Mambo 4.5 (1.0.9) allows remote malicious users to execute arbitrary PHP code by modifying the mosConfig_absolute_path parameter to reference a URL on a remote web server that contains the code.
Mambo Mambo 4.5 1.0.9
1 EDB exploit
445
VMScore
CVE-2008-2497
CRLF injection vulnerability in Mambo prior to 4.6.4 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
Mambo-foundation Mambo
668
VMScore
CVE-2008-2498
Multiple SQL injection vulnerabilities in index.php in Mambo prior to 4.6.4, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) articleid and (2) mcname parameters. NOTE: some of these details are obtained from third part...
Mambo-foundation Mambo
435
VMScore
CVE-2007-6455
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Mambo 4.6.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) Itemid parameter in a com_frontpage option and the (2) option parameter.
Mambo Mambo 4.6.2
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »