Filtered by vendor Mambo
Subscribe
Total
123 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2009-0706 | 3 Joomla, Mambo, Simple-review | 3 Joomla, Mambo, Com Simple Review | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Simple Review (com_simple_review) component 1.3.5 for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the category parameter to index.php. | |||||
CVE-2008-2990 | 2 Joomla, Mambo | 3 Com Facileforms, Joomla, Com Facileforms | 2024-02-28 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in facileforms.frame.php in the FacileForms (com_facileforms) component 1.4.4 for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the ff_compath parameter. | |||||
CVE-2008-5226 | 3 Joomla, Mambads, Mambo | 3 Joomla, Mambads, Mambo | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the MambAds (com_mambads) component 1.0 RC1 Beta and 1.0 RC1 for Mambo allows remote attackers to execute arbitrary SQL commands via the ma_cat parameter in a view action to index.php, a different vector than CVE-2007-5177. | |||||
CVE-2008-4777 | 2 Joomla, Mambo | 3 Com Lms, Joomla, Mambo | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Showroom Joomlearn LMS (com_lms) component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the cat parameter in a showTests task. | |||||
CVE-2008-1540 | 2 Joomla, Mambo | 2 Datsogallery, Datsogallery | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Datsogallery (com_datsogallery) 1.3.1 module for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2008-2093 | 3 Joomla, Joomlapolis, Mambo | 3 Com Comprofiler, Community Builder, Com Comprofiler | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Profiler (com_comprofiler) component in Community Builder for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the user parameter in a userProfile action to index.php. | |||||
CVE-2008-5200 | 2 Joomla, Mambo | 3 Com Xewebtv, Joomla, Mambo | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Xe webtv (com_xewebtv) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | |||||
CVE-2008-5208 | 2 Joomla, Mambo | 3 Com Datsogallery, Joomla, Mambo | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in sub_votepic.php in the Datsogallery (com_datsogallery) module 1.6 for Joomla! allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header. | |||||
CVE-2008-2500 | 1 Mambo | 1 Mostlyce | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the MOStlyContent Editor (MOStlyCE) component before 3.0 for Mambo allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
CVE-2008-0511 | 2 Joomla, Mambo | 2 Com Mamml, Com Mamml | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in the MaMML (com_mamml) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter. | |||||
CVE-2008-0832 | 2 Joomla, Mambo | 2 Kemas Antonius Com Quran, Kemas Antonius Com Quran | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in the Kemas Antonius com_quran 1.1 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the surano parameter in a viewayat action. | |||||
CVE-2008-0854 | 2 Joomla, Mambo | 2 Com Salesrep, Com Salesrep | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the com_salesrep component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the rid parameter in a showrep action to index.php. | |||||
CVE-2007-1596 | 2 Joomla, Mambo | 2 Nfn Address Book, Nfn Address Book | 2024-02-28 | 9.3 HIGH | N/A |
Multiple PHP remote file inclusion vulnerabilities in the NFN Address Book (com_nfn_addressbook) 0.4 component for Mambo and Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) components/com_nfn_addressbook/nfnaddressbook.php or (2) administrator/components/com_nfn_addressbook/nfnaddressbook.php. | |||||
CVE-2008-0849 | 2 Joomla, Mambo | 2 Com Downloads, Com Downloads | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a selectcat function, a different vector than CVE-2008-0652. | |||||
CVE-2006-7202 | 1 Mambo | 1 Mambo Open Source | 2024-02-28 | 7.8 HIGH | N/A |
The dofreePDF function in includes/pdf.php in Mambo 4.6.1 does not properly check access rights for database content, which allows remote attackers to read certain content via unspecified vectors. | |||||
CVE-2008-0799 | 2 Joomla, Mambo | 2 Com Quiz, Com Quiz | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in the Quiz (com_quiz) 0.81 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the tid parameter in a user_tst_shw action. | |||||
CVE-2008-0721 | 1 Mambo | 1 Com Sermon | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in the Sermon (com_sermon) 0.2 component for Mambo allows remote attackers to execute arbitrary SQL commands via the gid parameter. | |||||
CVE-2008-0510 | 2 Joomla, Mambo | 3 Com Newsletter, Com Newsletter, Mambo | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in the Newsletter (com_newsletter) component for Mambo 4.5 and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter. | |||||
CVE-2008-0686 | 2 Joomla, Mambo | 2 Com Neoreferences, Com Neoreferences | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in the NeoReferences (com_neoreferences) 1.3.1 and 1.3.3 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter. | |||||
CVE-2008-1137 | 2 Joomla, Mambo | 2 Com Garyscookbook, Com Garyscookbook | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Garys Cookbook (com_garyscookbook) 1.1.1 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. |