Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mambo vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-4505
SQL injection vulnerability in index.php in the RemoSitory component (com_remository) for Mambo allows remote malicious users to execute arbitrary SQL commands via the cat parameter in a selectcat action.
Mambo Remository
Mamboserver Mambo
1 EDB exploit
NA
CVE-2011-3754
Mambo 4.6.5 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/sef.php and certain other files.
Mambo-foundation Mambo 4.6.5
NA
CVE-2013-2563
Mambo CMS 4.6.5 uses world-readable permissions on configuration.php, which allows local users to obtain the admin password hash by reading the file.
Mambo-foundation Mambo Cms 4.6.5
5.3
CVSSv3
CVE-2013-2565
A vulnerability in Mambo CMS v4.6.5 where the scripts thumbs.php, editorFrame.php, editor.php, images.php, manager.php discloses the root path of the webserver.
Mambo-foundation Mambo Cms 4.6.5
NA
CVE-2007-4203
Session fixation vulnerability in Mambo 4.6.2 CMS allows remote malicious users to hijack web sessions by setting the Cookie parameter.
Mambo Mambo Open Source 4.6.2
NA
CVE-2006-7202
The dofreePDF function in includes/pdf.php in Mambo 4.6.1 does not properly check access rights for database content, which allows remote malicious users to read certain content via unspecified vectors.
Mambo Mambo Open Source 4.6.1
NA
CVE-2008-5226
SQL injection vulnerability in the MambAds (com_mambads) component 1.0 RC1 Beta and 1.0 RC1 for Mambo allows remote malicious users to execute arbitrary SQL commands via the ma_cat parameter in a view action to index.php, a different vector than CVE-2007-5177.
Mambads Mambads 1.0
Mambo Mambo
1 EDB exploit
NA
CVE-2006-1957
The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows remote malicious users to cause a denial of service (disk consumption and possibly web-server outage) via multiple requests with different values of the feed parameter.
Joomla Joomla\\!
Mambo-foundation Mambo -
NA
CVE-2013-2562
Mambo CMS 4.6.5 stores the MySQL database password in cleartext in the document root, which allows local users to obtain sensitive information via unspecified vectors.
Mambo-foundation Mambo Cms 4.6.5
NA
CVE-2013-2564
Mambo CMS 4.6.5 allows remote malicious users to cause a denial of service (memory and bandwidth consumption) by uploading a crafted file.
Mambo-foundation Mambo Cms 4.6.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »