index2.php in Mambo Site Server 3.0.0 up to and including 3.0.5 allows remote malicious users to gain Mambo administrator privileges by setting the PHPSESSID parameter and providing the appropriate administrator information in other parameters.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mambo mambo site server 3.0.4 |
||
mambo mambo site server 3.0.5 |
||
mambo mambo site server 3.0.2 |
||
mambo mambo site server 3.0.3 |
||
mambo mambo site server 3.0 |
||
mambo mambo site server 3.0.1 |