Identifier
|
Related Record |
Severity
|
Date Published
|
Description | Versions Affected |
---|---|---|---|---|---|
CVE-2013-2565 | Medium | Feb 15, 2019 | A vulnerability in Mambo CMS v4.6.5 where the scripts thumbs.php, editorFrame.php, editor.php, images.php, manager.php discloses the root path of the w more... |
4.6.5
|
|
CVE-2013-2564 | Jun 09, 2014 | Mambo CMS 4.6.5 allows remote attackers to cause a denial of service (memory and bandwidth consumption) by uploading a crafted file. |
4.6.5
|
||
CVE-2013-2563 | Jun 09, 2014 | Mambo CMS 4.6.5 uses world-readable permissions on configuration.php, which allows local users to obtain the admin password hash by reading the file. |
4.6.5
|
||
CVE-2013-2562 | Jun 09, 2014 | Mambo CMS 4.6.5 stores the MySQL database password in cleartext in the document root, which allows local users to obtain sensitive information via unsp more... |
4.6.5
|
||
CVE-2011-3754 | Sep 23, 2011 | Mambo 4.6.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an erro more... |
4.6.5
|
||
CVE-2011-2917 | Dec 08, 2011 | SQL injection vulnerability in administrator/index2.php in Mambo CMS 4.6.5 and earlier allows remote attackers to execute arbitrary SQL commands via th more... |
4.6.5, 4.6.4, 4.6.3, 4.0.14
|
||
CVE-2011-2499 | Medium | Feb 12, 2020 | Mambo CMS through 4.6.5 has multiple XSS. |
4.6.5, 4.6.4, 4.6.3
|
|
CVE-2008-3712 | Aug 19, 2008 | Multiple cross-site scripting (XSS) vulnerabilities in Mambo 4.6.2 and 4.6.5, when register_globals is enabled, allow remote attackers to inject arbitr more... |
4.6.5
|