Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mambo mambo vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2006-4288
PHP remote file inclusion vulnerability in admin.a6mambocredits.php in the a6mambocredits component (com_a6mambocredits) 2.0.0 and previous versions for Mambo allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter. NOTE: some of...
Mambo A6mambocredits Component 2.0.0
1 EDB exploit
5.1
CVSSv2
CVE-2006-3294
PHP remote file inclusion vulnerability in mod_cbsms_messages.php in CBSMS Mambo Module 1.0 and previous versions, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Cbsms Mambo Module 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-0721
SQL injection vulnerability in index.php in the Sermon (com_sermon) 0.2 component for Mambo allows remote malicious users to execute arbitrary SQL commands via the gid parameter.
Mambo Com Sermon 0.2
1 EDB exploit
7.5
CVSSv2
CVE-2006-4203
PHP remote file inclusion vulnerability in help.mmp.php in the MMP Component (com_mmp) 1.2 and previous versions for Mambo allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Mamboxchange Mambo Email Publisher
1 EDB exploit
7.5
CVSSv2
CVE-2006-4264
Multiple PHP remote file inclusion vulnerabilities in the lmtg_myhomepage Component (com_lmtg_myhomepage) for Mambo allow remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter in (1) install.lmtg_homepage.php and (2) mtg_homepage....
Mambo Mtg Myhomepage Component
5
CVSSv2
CVE-2002-2288
Mambo Site Server 4.0.11 allows remote malicious users to obtain the physical path of the server via an HTTP request to index.php with a parameter that does not exist, which causes the path to be leaked in an error message.
Mambo Site Server 4.0.11
1 EDB exploit
6.8
CVSSv2
CVE-2006-4130
PHP remote file inclusion vulnerability in admin.remository.php in the Remository Component (com_remository) 3.25 and previous versions for Mambo and Joomla!, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_...
Matt Smith Remository For Mambo
1 EDB exploit
7.5
CVSSv2
CVE-2006-4275
PHP remote file inclusion vulnerability in catalogshop.php in the CatalogShop component for Mambo (com_catalogshop) allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Mambo Catalogshop Component 1.0 Beta 2
7.5
CVSSv2
CVE-2006-4229
PHP remote file inclusion vulnerability in archive.php in the mosListMessenger Component (com_lm) prior to 20060719 for Mambo and Joomla! allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Mambo Moslistmessenger Component
Joomla Moslistmessenger Component
7.5
CVSSv2
CVE-2006-4556
PHP remote file inclusion vulnerability in index.php in the JIM component for Mambo and Joomla! allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. NOTE: another researcher has stated that the product distribution does n...
Joomla Jim Component
Mambo Jim Component
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »