Filtered by vendor Mambo-foundation Subscriptions
Total 26 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2008-1465 3 Detodas, Joomla, Mambo-foundation 3 Com Restaurante, Joomla\!, Mambo 2025-04-09 N/A
SQL injection vulnerability in the Detodas Restaurante (com_restaurante) 1.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php, a different product than CVE-2008-0562.
CVE-2008-2498 1 Mambo-foundation 1 Mambo 2025-04-09 N/A
Multiple SQL injection vulnerabilities in index.php in Mambo before 4.6.4, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) articleid and (2) mcname parameters. NOTE: some of these details are obtained from third party information.
CVE-2009-4199 3 Joomla, Mambo-foundation, Mamboforge 3 Joomla\!, Mambo, Com Mosres 2025-04-09 N/A
Multiple SQL injection vulnerabilities in the Mambo Resident (aka Mos Res or com_mosres) component 1.0f for Mambo and Joomla!, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) property_uid parameter in a viewproperty action to index.php and the (2) regID parameter in a showregion action to index.php.
CVE-2006-1957 2 Joomla, Mambo-foundation 2 Joomla\!, Mambo 2025-04-03 N/A
The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows remote attackers to cause a denial of service (disk consumption and possibly web-server outage) via multiple requests with different values of the feed parameter.
CVE-2013-2565 1 Mambo-foundation 1 Mambo Cms 2024-11-21 N/A
A vulnerability in Mambo CMS v4.6.5 where the scripts thumbs.php, editorFrame.php, editor.php, images.php, manager.php discloses the root path of the webserver.
CVE-2011-2499 1 Mambo-foundation 1 Mambo Cms 2024-11-21 6.1 Medium
Mambo CMS through 4.6.5 has multiple XSS.