Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mambo vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-3294
PHP remote file inclusion vulnerability in mod_cbsms_messages.php in CBSMS Mambo Module 1.0 and previous versions, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Cbsms Mambo Module 1.0
1 EDB exploit
NA
CVE-2006-4264
Multiple PHP remote file inclusion vulnerabilities in the lmtg_myhomepage Component (com_lmtg_myhomepage) for Mambo allow remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter in (1) install.lmtg_homepage.php and (2) mtg_homepage....
Mambo Mtg Myhomepage Component
NA
CVE-2006-4275
PHP remote file inclusion vulnerability in catalogshop.php in the CatalogShop component for Mambo (com_catalogshop) allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Mambo Catalogshop Component 1.0 Beta 2
NA
CVE-2006-4288
PHP remote file inclusion vulnerability in admin.a6mambocredits.php in the a6mambocredits component (com_a6mambocredits) 2.0.0 and previous versions for Mambo allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter. NOTE: some of...
Mambo A6mambocredits Component 2.0.0
1 EDB exploit
NA
CVE-2006-4296
PHP remote file inclusion vulnerability in classes/Tar.php in bigAPE-Backup component (com_babackup) for Mambo 1.1 allows remote malicious users to include arbitrary files via the mosConfig_absolute_path parameter.
Mambo Bigape-backup Component
1 EDB exploit
NA
CVE-2008-0721
SQL injection vulnerability in index.php in the Sermon (com_sermon) 0.2 component for Mambo allows remote malicious users to execute arbitrary SQL commands via the gid parameter.
Mambo Com Sermon 0.2
1 EDB exploit
NA
CVE-2006-3773
PHP remote file inclusion vulnerability in smf.php in the SMF-Forum 1.3.1.3 Bridge Component (com_smf) For Joomla! and Mambo 4.5.3+ allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Mambo Smf-forum 1.3.1.3 Bridge Component
1 EDB exploit
NA
CVE-2002-2288
Mambo Site Server 4.0.11 allows remote malicious users to obtain the physical path of the server via an HTTP request to index.php with a parameter that does not exist, which causes the path to be leaked in an error message.
Mambo Site Server 4.0.11
1 EDB exploit
NA
CVE-2006-4130
PHP remote file inclusion vulnerability in admin.remository.php in the Remository Component (com_remository) 3.25 and previous versions for Mambo and Joomla!, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_...
Matt Smith Remository For Mambo
1 EDB exploit
NA
CVE-2008-6234
SQL injection vulnerability in the com_musica module in Joomla! and Mambo allows remote malicious users to execute arbitrary SQL commands via the id parameter to index.php.
Joomla Com Musica -
Mambo-foundation Com Musica -
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »