Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mambo mambo vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-3754
Mambo 4.6.5 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/sef.php and certain other files.
Mambo-foundation Mambo 4.6.5
NA
CVE-2004-1693
PHP remote file inclusion vulnerability in Function.php in Mambo 4.5 (1.0.9) allows remote malicious users to execute arbitrary PHP code by modifying the mosConfig_absolute_path parameter to reference a URL on a remote web server that contains the code.
Mambo Mambo 4.5 1.0.9
1 EDB exploit
NA
CVE-2002-1662
Multiple cross-site scripting (XSS) vulnerabilities in Mambo Site Server 4.0.11 allow remote malicious users to execute arbitrary script on other clients via (1) search.php and (2) the "Your name" field during account registration.
Mambo Mambo Site Server 4.0.11
NA
CVE-2002-2247
The administrator/phpinfo.php script in Mambo Site Server 4.0.11 allows remote malicious users to obtain sensitive information such as the full web root path via phpinfo.php, which calls the phpinfo function.
Mambo Mambo Site Server 4.0.11
1 EDB exploit
NA
CVE-2002-2290
Mambo Site Server 4.0.11 installs with a default username and password of admin, which allows remote malicious users to gain privileges.
Mambo Mambo Site Server 4.0.11
NA
CVE-2004-2072
Cross-site scripting (XSS) vulnerability in index.php for Mambo Open Source 4.6, and possibly earlier versions, allows remote malicious users to execute script on other clients via the Itemid parameter.
Mambo Mambo Open Source 4.6
1 EDB exploit
NA
CVE-2013-2563
Mambo CMS 4.6.5 uses world-readable permissions on configuration.php, which allows local users to obtain the admin password hash by reading the file.
Mambo-foundation Mambo Cms 4.6.5
NA
CVE-2013-2564
Mambo CMS 4.6.5 allows remote malicious users to cause a denial of service (memory and bandwidth consumption) by uploading a crafted file.
Mambo-foundation Mambo Cms 4.6.5
5.3
CVSSv3
CVE-2013-2565
A vulnerability in Mambo CMS v4.6.5 where the scripts thumbs.php, editorFrame.php, editor.php, images.php, manager.php discloses the root path of the webserver.
Mambo-foundation Mambo Cms 4.6.5
NA
CVE-2003-1203
Cross-site scripting (XSS) vulnerability in index.php for Mambo Site Server 4.0.10 allows remote malicious users to execute script on other clients via the ?option parameter.
Mambo Mambo Site Server 4.0.10
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »