7.6 High
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
0.031 Low
EPSS
Percentile
91.0%
The Team Mambo reports that two SQL injection
vulnerabilities have been found in Mambo. The
vulnerabilities exists due to missing sanitation of the
title and catid parameters in the
weblinks.php page and can lead to execution of
arbitrary SQL code.