Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mambo vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2013-2565
A vulnerability in Mambo CMS v4.6.5 where the scripts thumbs.php, editorFrame.php, editor.php, images.php, manager.php discloses the root path of the webserver.
Mambo-foundation Mambo Cms 4.6.5
NA
CVE-2008-5226
SQL injection vulnerability in the MambAds (com_mambads) component 1.0 RC1 Beta and 1.0 RC1 for Mambo allows remote malicious users to execute arbitrary SQL commands via the ma_cat parameter in a view action to index.php, a different vector than CVE-2007-5177.
Mambads Mambads 1.0
Mambo Mambo
1 EDB exploit
NA
CVE-2006-1957
The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows remote malicious users to cause a denial of service (disk consumption and possibly web-server outage) via multiple requests with different values of the feed parameter.
Joomla Joomla\\!
Mambo-foundation Mambo -
NA
CVE-2004-1692
Cross-site scripting (XSS) vulnerability in index.php in Mambo 4.5 (1.0.9) allows remote malicious users to inject arbitrary web script or HTML via the (1) Itemid, (2) mosmsg, or (3) limit parameters.
Mambo Mambo Open Source 4.5 1.0.9
1 EDB exploit
NA
CVE-2002-1662
Multiple cross-site scripting (XSS) vulnerabilities in Mambo Site Server 4.0.11 allow remote malicious users to execute arbitrary script on other clients via (1) search.php and (2) the "Your name" field during account registration.
Mambo Mambo Site Server 4.0.11
NA
CVE-2002-2290
Mambo Site Server 4.0.11 installs with a default username and password of admin, which allows remote malicious users to gain privileges.
Mambo Mambo Site Server 4.0.11
NA
CVE-2006-1956
The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows remote malicious users to obtain sensitive information via an invalid feed parameter, which reveals the path in an error message.
Mambo Mambo 4.5.3h
Joomla Joomla 1.0.7
NA
CVE-2007-2317
Multiple PHP remote file inclusion vulnerabilities in MiniBB Forum 1.5a and previous versions, as used by TOSMO/Mambo 4.0.12 and probably other products, allow remote malicious users to execute arbitrary PHP code via a URL in the absolute_path parameter to bb_plugins.php in (1) c...
Minibb Minibb
Tosmo Mambo Tosmo Mambo
1 EDB exploit
NA
CVE-2007-4745
Multiple cross-site scripting (XSS) vulnerabilities in the AkoBook 3.42 and previous versions component (com_akobook) for Mambo allow remote malicious users to inject arbitrary web script or HTML via Javascript events in the (1) gbmail and (2) gbpage parameters in the sign functi...
Mambo Mambo Site Server
Joomla Akobook 3.42
NA
CVE-2008-0829
SQL injection vulnerability in jooget.php in the Joomlapixel Jooget! (com_jooget) 2.6.8 component for Joomla! and Mambo allows remote malicious users to execute arbitrary SQL commands via the id parameter in a detail task.
Joomla Joomla
Joomlapixel Jooget 2.6.8
Mambo Mambo
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »