Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mambo vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2004-1693
PHP remote file inclusion vulnerability in Function.php in Mambo 4.5 (1.0.9) allows remote malicious users to execute arbitrary PHP code by modifying the mosConfig_absolute_path parameter to reference a URL on a remote web server that contains the code.
Mambo Mambo 4.5 1.0.9
1 EDB exploit
445
VMScore
CVE-2008-2497
CRLF injection vulnerability in Mambo prior to 4.6.4 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
Mambo-foundation Mambo
685
VMScore
CVE-2007-2049
Multiple PHP remote file inclusion vulnerabilities in the Calendar Module (com_calendar) 1.5.5 for Mambo allow remote malicious users to execute arbitrary PHP code via a URL in the absolute_path parameter to (1) com_calendar.php or (2) mod_calendar.php.
Mambo Mambo Calendar 1.5.5
1 EDB exploit
755
VMScore
CVE-2007-5177
SQL injection vulnerability in index.php in the MambAds (com_mambads) 1.5 and previous versions component for Mambo allows remote malicious users to execute arbitrary SQL commands via the caid parameter.
Mambo Mambo
Mambads Mambads
1 EDB exploit
755
VMScore
CVE-2007-4505
SQL injection vulnerability in index.php in the RemoSitory component (com_remository) for Mambo allows remote malicious users to execute arbitrary SQL commands via the cat parameter in a selectcat action.
Mambo Remository
Mamboserver Mambo
1 EDB exploit
445
VMScore
CVE-2008-0261
Unspecified vulnerability in the search component and module in Mambo 4.5.x and 4.6.x allows remote malicious users to cause a denial of service (query flood) via unspecified vectors.
Mambo Mambo Open Source
685
VMScore
CVE-2006-3980
PHP remote file inclusion vulnerability in administrator/components/com_mgm/help.mgm.php in Mambo Gallery Manager (MGM) 0.95r2 and previous versions for Mambo 4.5 allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Mambo Mambo Gallery Manager
1 EDB exploit
668
VMScore
CVE-2006-3981
PHP remote file inclusion vulnerability in about.mgm.php in Mambo Gallery Manager (MGM) 0.95r2 and previous versions for Mambo 4.5 allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. NOTE: the provenance of this informat...
Mambo Mambo Gallery Manager
445
VMScore
CVE-2011-3754
Mambo 4.6.5 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/sef.php and certain other files.
Mambo-foundation Mambo 4.6.5
383
VMScore
CVE-2011-2499
Mambo CMS up to and including 4.6.5 has multiple XSS.
Mambo-foundation Mambo Cms
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »