Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mambo mambo vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2006-3843
PHP remote file inclusion vulnerability in com_calendar.php in Calendar Mambo Module 1.5.7 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the absolute_path parameter.
Mambo Mambo Calendar 1.5.7
1 EDB exploit
685
VMScore
CVE-2006-3846
PHP remote file inclusion vulnerability in extadminmenus.class.php in the MultiBanners 1.0.1 for Mambo allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Mambo Mambo Multibanners 1.0.1
1 EDB exploit
755
VMScore
CVE-2008-5226
SQL injection vulnerability in the MambAds (com_mambads) component 1.0 RC1 Beta and 1.0 RC1 for Mambo allows remote malicious users to execute arbitrary SQL commands via the ma_cat parameter in a view action to index.php, a different vector than CVE-2007-5177.
Mambads Mambads 1.0
Mambo Mambo
1 EDB exploit
445
VMScore
CVE-2006-1957
The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows remote malicious users to cause a denial of service (disk consumption and possibly web-server outage) via multiple requests with different values of the feed parameter.
Joomla Joomla\\!
Mambo-foundation Mambo -
890
VMScore
CVE-2002-2290
Mambo Site Server 4.0.11 installs with a default username and password of admin, which allows remote malicious users to gain privileges.
Mambo Mambo Site Server 4.0.11
187
VMScore
CVE-2013-2562
Mambo CMS 4.6.5 stores the MySQL database password in cleartext in the document root, which allows local users to obtain sensitive information via unspecified vectors.
Mambo-foundation Mambo Cms 4.6.5
187
VMScore
CVE-2013-2563
Mambo CMS 4.6.5 uses world-readable permissions on configuration.php, which allows local users to obtain the admin password hash by reading the file.
Mambo-foundation Mambo Cms 4.6.5
445
VMScore
CVE-2013-2564
Mambo CMS 4.6.5 allows remote malicious users to cause a denial of service (memory and bandwidth consumption) by uploading a crafted file.
Mambo-foundation Mambo Cms 4.6.5
445
VMScore
CVE-2013-2565
A vulnerability in Mambo CMS v4.6.5 where the scripts thumbs.php, editorFrame.php, editor.php, images.php, manager.php discloses the root path of the webserver.
Mambo-foundation Mambo Cms 4.6.5
685
VMScore
CVE-2004-2072
Cross-site scripting (XSS) vulnerability in index.php for Mambo Open Source 4.6, and possibly earlier versions, allows remote malicious users to execute script on other clients via the Itemid parameter.
Mambo Mambo Open Source 4.6
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »