Filtered by vendor Mambo-foundation Subscriptions
Total 26 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2008-2498 1 Mambo-foundation 1 Mambo 2024-11-21 N/A
Multiple SQL injection vulnerabilities in index.php in Mambo before 4.6.4, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) articleid and (2) mcname parameters. NOTE: some of these details are obtained from third party information.
CVE-2008-2497 1 Mambo-foundation 1 Mambo 2024-11-21 N/A
CRLF injection vulnerability in Mambo before 4.6.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
CVE-2008-1465 3 Detodas, Joomla, Mambo-foundation 3 Com Restaurante, Joomla\!, Mambo 2024-11-21 N/A
SQL injection vulnerability in the Detodas Restaurante (com_restaurante) 1.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php, a different product than CVE-2008-0562.
CVE-2008-0801 3 Joomla, Mambo-foundation, Paxxgallery 3 Joomla\!, Mambo, Com Paxxgallery 2024-11-21 N/A
SQL injection vulnerability in index.php in the PAXXGallery (com_paxxgallery) 0.2 component for Mambo and Joomla! allow remote attackers to execute arbitrary SQL commands via (1) the iid parameter in a view action, and possibly (2) the userid parameter.
CVE-2006-7247 2 Joomla, Mambo-foundation 3 Com Weblinks, Joomla\!, Mambo 2024-11-21 N/A
SQL injection vulnerability in the Weblinks (com_weblinks) component for Joomla! and Mambo 1.0.9 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter.
CVE-2006-1957 2 Joomla, Mambo-foundation 2 Joomla\!, Mambo 2024-11-21 N/A
The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows remote attackers to cause a denial of service (disk consumption and possibly web-server outage) via multiple requests with different values of the feed parameter.