Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mambo mambo vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-2498
Multiple SQL injection vulnerabilities in index.php in Mambo prior to 4.6.4, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) articleid and (2) mcname parameters. NOTE: some of these details are obtained from third part...
Mambo-foundation Mambo
4.3
CVSSv2
CVE-2007-6455
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Mambo 4.6.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) Itemid parameter in a com_frontpage option and the (2) option parameter.
Mambo Mambo 4.6.2
1 EDB exploit
4.3
CVSSv2
CVE-2011-2499
Mambo CMS up to and including 4.6.5 has multiple XSS.
Mambo-foundation Mambo Cms
6.8
CVSSv2
CVE-2006-3980
PHP remote file inclusion vulnerability in administrator/components/com_mgm/help.mgm.php in Mambo Gallery Manager (MGM) 0.95r2 and previous versions for Mambo 4.5 allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Mambo Mambo Gallery Manager
1 EDB exploit
7.5
CVSSv2
CVE-2006-3981
PHP remote file inclusion vulnerability in about.mgm.php in Mambo Gallery Manager (MGM) 0.95r2 and previous versions for Mambo 4.5 allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. NOTE: the provenance of this informat...
Mambo Mambo Gallery Manager
7.5
CVSSv2
CVE-2007-5177
SQL injection vulnerability in index.php in the MambAds (com_mambads) 1.5 and previous versions component for Mambo allows remote malicious users to execute arbitrary SQL commands via the caid parameter.
Mambo Mambo
Mambads Mambads
1 EDB exploit
5
CVSSv2
CVE-2011-3754
Mambo 4.6.5 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/sef.php and certain other files.
Mambo-foundation Mambo 4.6.5
6.8
CVSSv2
CVE-2007-2049
Multiple PHP remote file inclusion vulnerabilities in the Calendar Module (com_calendar) 1.5.5 for Mambo allow remote malicious users to execute arbitrary PHP code via a URL in the absolute_path parameter to (1) com_calendar.php or (2) mod_calendar.php.
Mambo Mambo Calendar 1.5.5
1 EDB exploit
7.5
CVSSv2
CVE-2007-4505
SQL injection vulnerability in index.php in the RemoSitory component (com_remository) for Mambo allows remote malicious users to execute arbitrary SQL commands via the cat parameter in a selectcat action.
Mambo Remository
Mamboserver Mambo
1 EDB exploit
5
CVSSv2
CVE-2008-0261
Unspecified vulnerability in the search component and module in Mambo 4.5.x and 4.6.x allows remote malicious users to cause a denial of service (query flood) via unspecified vectors.
Mambo Mambo Open Source
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »