Show filters
4 Total Results
Displaying 1-4 of 4
Sort by:
Attacker Value
Unknown
CVE-2007-4203
Disclosure Date: August 08, 2007 (last updated October 04, 2023)
Session fixation vulnerability in Mambo 4.6.2 CMS allows remote attackers to hijack web sessions by setting the Cookie parameter.
0
Attacker Value
Unknown
CVE-2006-7202
Disclosure Date: May 09, 2007 (last updated October 04, 2023)
The dofreePDF function in includes/pdf.php in Mambo 4.6.1 does not properly check access rights for database content, which allows remote attackers to read certain content via unspecified vectors.
0
Attacker Value
Unknown
CVE-2006-7150
Disclosure Date: March 07, 2007 (last updated October 04, 2023)
Multiple SQL injection vulnerabilities in Mambo 4.6.x allow remote attackers to execute arbitrary SQL commands via the mcname parameter to (1) moscomment.php and (2) com_comment.php.
0
Attacker Value
Unknown
CVE-2004-2072
Disclosure Date: December 31, 2004 (last updated February 22, 2025)
Cross-site scripting (XSS) vulnerability in index.php for Mambo Open Source 4.6, and possibly earlier versions, allows remote attackers to execute script on other clients via the Itemid parameter.
0
