EUVD-2005-2004

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

SQL injection vulnerability in Mambo 4.5.2.2 allows remote attackers to execute SQL commands.

Reporter	Title	Published	Views	Family All 9
FreeBSD	mambo -- multiple vulnerabilities	15 Jun 200500:00	–	freebsd
Tenable Nessus	Mambo Content Server Detection Global Variables Overwrite	22 Feb 200500:00	–	nessus
Tenable Nessus	FreeBSD : mambo -- multiple vulnerabilities (0bf9d7fb-05b3-11da-bc08-0001020eed82)	13 May 200600:00	–	nessus
Tenable Nessus	Mambo Open Source < 4.5.2.3 Multiple Vulnerabilities	15 Jun 200500:00	–	nessus
CVE	CVE-2005-2002	20 Jun 200504:00	–	cve
Cvelist	CVE-2005-2002	20 Jun 200504:00	–	cvelist
NVD	CVE-2005-2002	15 Jun 200504:00	–	nvd
OpenVAS	FreeBSD Ports: mambo	4 Sep 200800:00	–	openvas
OpenVAS	FreeBSD Ports: mambo	4 Sep 200800:00	–	openvas

[
  {
    "enisaIdVendor": [
      {
        "id": "3304f3f2-790b-320e-a901-87a0886f029c",
        "vendor": {
          "name": "n/a"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "08aede94-ca71-39fe-a9c7-116109a71fc7",
        "product": {
          "name": "n/a"
        },
        "product_version": "n/a"
      }
    ]
  }
]

Source	Link
secunia	www.secunia.com/advisories/15710
securityfocus	www.securityfocus.com/bid/13966
securitytracker	www.securitytracker.com/id
osvdb	www.osvdb.org/17323
mamboforge	www.mamboforge.net/frs/download.php/6153/CHANGELOG
marc	www.marc.info/
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

6.2Medium risk

Vulners AI Score6.2

CVSS 27.5

EPSS0.01344

sql injection vulnerability mambo remote access arbitrary commands