ReportizFlow
Filtered by vendor Mambo
Subscriptions
Total
123 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-0832 | 2 Joomla, Mambo | 2 Kemas Antonius Com Quran, Kemas Antonius Com Quran | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in the Kemas Antonius com_quran 1.1 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the surano parameter in a viewayat action. | ||||
| CVE-2008-5226 | 3 Joomla, Mambads, Mambo | 3 Joomla, Mambads, Mambo | 2025-04-09 | N/A |
| SQL injection vulnerability in the MambAds (com_mambads) component 1.0 RC1 Beta and 1.0 RC1 for Mambo allows remote attackers to execute arbitrary SQL commands via the ma_cat parameter in a view action to index.php, a different vector than CVE-2007-5177. | ||||
| CVE-2008-4777 | 2 Joomla, Mambo | 3 Com Lms, Joomla, Mambo | 2025-04-09 | N/A |
| SQL injection vulnerability in the Showroom Joomlearn LMS (com_lms) component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the cat parameter in a showTests task. | ||||
| CVE-2008-1849 | 3 Joomla, Joomlacode, Mambo | 3 Joomla, Joomlaexplorer, Mambo | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in the joomlaXplorer (com_joomlaxplorer) Mambo/Joomla! component 1.6.2 and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in the dir parameter in a show_error action. | ||||
| CVE-2008-0511 | 2 Joomla, Mambo | 2 Com Mamml, Com Mamml | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in the MaMML (com_mamml) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter. | ||||
| CVE-2008-0846 | 2 Joomla, Mambo | 2 Com Profile, Com Profile | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in the com_profile component for Joomla! allows remote attackers to execute arbitrary SQL commands via the oid parameter. | ||||
| CVE-2008-0773 | 3 Joomla, Mambo, Phil Taylor | 4 Com Comments, Com Comments, Comments and 1 more | 2025-04-09 | N/A |
| SQL injection vulnerability in Phil Taylor Comments (com_comments, aka Review Script) 0.5.8.5g and earlier component for Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2007-2557 | 1 Mambo | 1 Mambo | 2025-04-09 | N/A |
| MOStlyDB Admin in Mambo 4.6.1 does not properly check privileges, which allows remote authenticated administrators to have an unknown impact via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-0795 | 3 Joomla, Mambo, Mgfi | 3 Joomla, Mambo, Xfaq | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in the MGFi XfaQ (com_xfaq) 1.2 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an answer action. | ||||
| CVE-2008-2990 | 2 Joomla, Mambo | 3 Com Facileforms, Joomla, Com Facileforms | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in facileforms.frame.php in the FacileForms (com_facileforms) component 1.4.4 for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the ff_compath parameter. | ||||
| CVE-2007-4505 | 2 Mambo, Mamboserver | 2 Remository, Mambo | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in the RemoSitory component (com_remository) for Mambo allows remote attackers to execute arbitrary SQL commands via the cat parameter in a selectcat action. | ||||
| CVE-2008-0603 | 3 Amazoop, Joomla, Mambo | 3 Awesom, Com Awesom, Com Awesom | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in the amazOOP Awesom! (com_awesom) 0.3.2component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter in a viewlist task. | ||||
| CVE-2008-0810 | 2 Joomla, Mambo | 2 Com Scheduling Component, Com Scheduling Component | 2025-04-09 | N/A |
| SQL injection vulnerability in the com_scheduling module for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-5208 | 2 Joomla, Mambo | 3 Com Datsogallery, Joomla, Mambo | 2025-04-09 | N/A |
| SQL injection vulnerability in sub_votepic.php in the Datsogallery (com_datsogallery) module 1.6 for Joomla! allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header. | ||||
| CVE-2008-1459 | 4 Joomla, Joomlaitalia, Mambo and 1 more | 4 Joomla, Com Alberghi, Mambo and 1 more | 2025-04-09 | N/A |
| SQL injection vulnerability in the Alberghi (com_alberghi) 2.1.3 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | ||||
| CVE-2008-0799 | 2 Joomla, Mambo | 2 Com Quiz, Com Quiz | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in the Quiz (com_quiz) 0.81 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the tid parameter in a user_tst_shw action. | ||||
| CVE-2008-0829 | 3 Joomla, Joomlapixel, Mambo | 3 Joomla, Jooget, Mambo | 2025-04-09 | N/A |
| SQL injection vulnerability in jooget.php in the Joomlapixel Jooget! (com_jooget) 2.6.8 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail task. | ||||
| CVE-2006-7202 | 1 Mambo | 1 Mambo Open Source | 2025-04-09 | N/A |
| The dofreePDF function in includes/pdf.php in Mambo 4.6.1 does not properly check access rights for database content, which allows remote attackers to read certain content via unspecified vectors. | ||||
| CVE-2008-0721 | 1 Mambo | 1 Com Sermon | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in the Sermon (com_sermon) 0.2 component for Mambo allows remote attackers to execute arbitrary SQL commands via the gid parameter. | ||||
| CVE-2007-2049 | 1 Mambo | 1 Mambo Calendar | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in the Calendar Module (com_calendar) 1.5.5 for Mambo allow remote attackers to execute arbitrary PHP code via a URL in the absolute_path parameter to (1) com_calendar.php or (2) mod_calendar.php. | ||||