Vulnerabilities (CVE)

Filtered by vendor Phil Taylor Subscribe
Filtered by product Shambo2
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-0606 3 Joomla, Mambo, Phil Taylor 3 Com Shambo2, Com Shambo2, Shambo2 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in index.php in the Shambo2 (com_shambo2) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter.
CVE-2006-6049 1 Phil Taylor 1 Shambo2 2024-11-21 7.5 HIGH N/A
PHP remote file inclusion vulnerability in shambo2.php in the Shambo2 (com_shambo2) component for Mambo 4.5 allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.