CVE-2008-3712

Multiple cross-site scripting XSS vulnerabilities in Mambo 4.6.2 and 4.6.5, when registerglobals is enabled, allow remote attackers to inject arbitrary web script or HTML via the 1 query string to mambots/editors/mostlyce/jscripts/tinymce/filemanager/connectors/php/connector.php and the 2...

mambo462-morexss.txt

---------------------------------------------------------------- Script : Mambo 4.6.2 Full & Older Versions Type : Multiple Cross Site Scripting Vulnerabilities Alert Level : Medium ---------------------------------------------------------------- Download From :...