CVE-2001-1011

Published: Jul 25, 2001Modified: Apr 16, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

index2.php in Mambo Site Server 3.0.0 through 3.0.5 allows remote attackers to gain Mambo administrator privileges by setting the PHPSESSID parameter and providing the appropriate administrator information in other parameters.

Affected (6)

Products: Mambo: Mambo Site Server

1 product

Mambo Site Server

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Mambo Mambo Site Server	Version 3.0.1
Mambo Mambo Site Server	Version 3.0.2
Mambo Mambo Site Server	Version 3.0.3
Mambo Mambo Site Server	Version 3.0.4
Mambo Mambo Site Server	Version 3.0.5
Mambo Mambo Site Server	Version 3.0

References (10)

http://archives.neohapsis.com/archives/bugtraq/2001-07/0569.html

Source: cve@mitre.org

ExploitVendor Advisory

http://prdownloads.sourceforge.net/mambo/mambov3.0.6.tar.gz

Source: cve@mitre.org

http://www.osvdb.org/1911

Source: cve@mitre.org

http://www.securityfocus.com/bid/3093

Source: cve@mitre.org

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/6910

Source: cve@mitre.org

http://archives.neohapsis.com/archives/bugtraq/2001-07/0569.html

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitVendor Advisory

http://prdownloads.sourceforge.net/mambo/mambov3.0.6.tar.gz

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/1911

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/3093

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/6910

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.