Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mambo vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-2143
SQL injection vulnerability in the ReMOSitory Server add-on module to Mambo Portal 4.5.1 (1.09) and previous versions allows remote malicious users to execute arbitrary SQL commands via the filecatid parameter in the com_remository option.
Mambo Mambo Portal
1 EDB exploit
NA
CVE-2007-2557
MOStlyDB Admin in Mambo 4.6.1 does not properly check privileges, which allows remote authenticated administrators to have an unknown impact via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Mambo Mambo 4.6.1
NA
CVE-2007-2049
Multiple PHP remote file inclusion vulnerabilities in the Calendar Module (com_calendar) 1.5.5 for Mambo allow remote malicious users to execute arbitrary PHP code via a URL in the absolute_path parameter to (1) com_calendar.php or (2) mod_calendar.php.
Mambo Mambo Calendar 1.5.5
1 EDB exploit
NA
CVE-2007-5177
SQL injection vulnerability in index.php in the MambAds (com_mambads) 1.5 and previous versions component for Mambo allows remote malicious users to execute arbitrary SQL commands via the caid parameter.
Mambo Mambo
Mambads Mambads
1 EDB exploit
6.1
CVSSv3
CVE-2011-2499
Mambo CMS up to and including 4.6.5 has multiple XSS.
Mambo-foundation Mambo Cms
NA
CVE-2008-0261
Unspecified vulnerability in the search component and module in Mambo 4.5.x and 4.6.x allows remote malicious users to cause a denial of service (query flood) via unspecified vectors.
Mambo Mambo Open Source
NA
CVE-2006-3843
PHP remote file inclusion vulnerability in com_calendar.php in Calendar Mambo Module 1.5.7 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the absolute_path parameter.
Mambo Mambo Calendar 1.5.7
1 EDB exploit
NA
CVE-2006-3846
PHP remote file inclusion vulnerability in extadminmenus.class.php in the MultiBanners 1.0.1 for Mambo allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Mambo Mambo Multibanners 1.0.1
1 EDB exploit
NA
CVE-2006-3980
PHP remote file inclusion vulnerability in administrator/components/com_mgm/help.mgm.php in Mambo Gallery Manager (MGM) 0.95r2 and previous versions for Mambo 4.5 allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Mambo Mambo Gallery Manager
1 EDB exploit
NA
CVE-2006-3981
PHP remote file inclusion vulnerability in about.mgm.php in Mambo Gallery Manager (MGM) 0.95r2 and previous versions for Mambo 4.5 allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. NOTE: the provenance of this informat...
Mambo Mambo Gallery Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »