Lucene search
MamboMambo Open Source
2 matches found
CVE-2006-7150
Multiple SQL injection vulnerabilities in Mambo 4.6.x allow remote attackers to execute arbitrary SQL commands via the mcname parameter to (1) moscomment.php and (2) com_comment.php.
7.5CVSS8.5AI score0.00497EPSS
CVE-2006-7202
The dofreePDF function in includes/pdf.php in Mambo 4.6.1 does not properly check access rights for database content, which allows remote attackers to read certain content via unspecified vectors.
7.8CVSS7AI score0.00332EPSS