Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Mambo Open Source Security Vulnerabilities - 2007

cve
cve

CVE-2006-7150

Multiple SQL injection vulnerabilities in Mambo 4.6.x allow remote attackers to execute arbitrary SQL commands via the mcname parameter to (1) moscomment.php and (2) com_comment.php.

8.5AI Score

0.006EPSS

2007-03-07 08:19 PM
23
cve
cve

CVE-2006-7202

The dofreePDF function in includes/pdf.php in Mambo 4.6.1 does not properly check access rights for database content, which allows remote attackers to read certain content via unspecified vectors.

7AI Score

0.006EPSS

2007-05-09 06:19 PM
25
cve
cve

CVE-2007-4203

Session fixation vulnerability in Mambo 4.6.2 CMS allows remote attackers to hijack web sessions by setting the Cookie parameter.

6.7AI Score

0.011EPSS

2007-08-08 01:17 AM
23