← Back

Mambo

mambo

107 CVEs • 65 products

Products (65)

Click to collapse
Toggle
Mambo
mambo
26 CVEs
Mambo Site Server
mambo_site_server
7 CVEs
Mambo Open Source
mambo_open_source
7 CVEs
Mambo Open Source 4.5
mambo_open_source_4.5
2 CVEs
Mambo Calendar
mambo_calendar
2 CVEs
Mambo Gallery Manager
mambo_gallery_manager
2 CVEs
Mostlyce
mostlyce
2 CVEs
Com Downloads
com_downloads
2 CVEs
Com Facileforms
com_facileforms
2 CVEs
Site Server
site_server
1 CVE
Mambo Portal
mambo_portal
1 CVE
Videodb
videodb
1 CVE
Sitemap
sitemap
1 CVE
Smf Forum
smf-forum
1 CVE
Mambo Multibanners
mambo_multibanners
1 CVE
Mambatstaff
mambatstaff
1 CVE
Artlinks Component
artlinks_component
1 CVE
Bayesiannaivefilter
bayesiannaivefilter
1 CVE
Moslistmessenger Component
moslistmessenger_component
1 CVE
Mtg Myhomepage Component
mtg_myhomepage_component
1 CVE
X Shop Component
x-shop_component
1 CVE
Mambelfish Component
mambelfish_component
1 CVE
Catalogshop Component
catalogshop_component
1 CVE
Anjel Component
anjel_component
1 CVE
A6mambocredits Component
a6mambocredits_component
1 CVE
Bigape Backup Component
bigape-backup_component
1 CVE
Contacts Xtd Component
contacts_xtd_component
1 CVE
Com Comprofiler Component
com_comprofiler_component
1 CVE
Jim Component
jim_component
1 CVE
Prince Clan Chess Component
prince_clan_chess_component
1 CVE
Extcalthai Module
extcalthai_module
1 CVE
Nfn Address Book
nfn_address_book
1 CVE
Swmenu Component
swmenu_component
1 CVE
Flatmenu
flatmenu
1 CVE
Taskhopper Component
taskhopper_component
1 CVE
Jambook
jambook
1 CVE
Remository
remository
1 CVE
Com Newsletter
com_newsletter
1 CVE
Com Mamml
com_mamml
1 CVE
Glossary
glossary
1 CVE
Musepoes Component
musepoes_component
1 CVE
Com Recipes
com_recipes
1 CVE
Com Jokes
com_jokes
1 CVE
Com Awesom
com_awesom
1 CVE
Com Shambo2
com_shambo2
1 CVE
Com Sobi2
com_sobi2
1 CVE
Com Neoreferences
com_neoreferences
1 CVE
Com Sermon
com_sermon
1 CVE
Com Gallery
com_gallery
1 CVE
Com Neogallery
com_neogallery
1 CVE
Com Doc
com_doc
1 CVE
Com Comments
com_comments
1 CVE
Com Quiz
com_quiz
1 CVE
Com Scheduling Component
com_scheduling_component
1 CVE
Com Filebase Component
com_filebase_component
1 CVE
Kemas Antonius Com Quran
kemas_antonius_com_quran
1 CVE
Com Ricette Component
com_ricette_component
1 CVE
Com Profile
com_profile
1 CVE
Com Detail
com_detail
1 CVE
Com Salesrep
com_salesrep
1 CVE
Com Garyscookbook
com_garyscookbook
1 CVE
Com Ewriting
com_ewriting
1 CVE
Datsogallery
datsogallery
1 CVE
Com Comprofiler
com_comprofiler
1 CVE
Com Flippingbook
com_flippingbook
1 CVE

CVEs (107)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2008-5226
2Mambads
Mambo
2Mambads
Mambo
Apr 23, 2026
Nov 25, 2008
N/A· v4
N/A· v3
7.5 HIGH· v2
SQL injection vulnerability in the MambAds (com_mambads) component 1.0 RC1 Beta and 1.0 RC1 for Mambo allows remote attackers to execute arbitrary SQL commands via the ma_cat parameter in a view action to index.php, a di...Show more
SQL injection vulnerability in the MambAds (com_mambads) component 1.0 RC1 Beta and 1.0 RC1 for Mambo allows remote attackers to execute arbitrary SQL commands via the ma_cat parameter in a view action to index.php, a different vector than CVE-2007-5177.Show less
CVE-2008-3712
1Mambo
1Mambo
Apr 23, 2026
Aug 19, 2008
N/A· v4
N/A· v3
2.6 LOW· v2
Multiple cross-site scripting (XSS) vulnerabilities in Mambo 4.6.2 and 4.6.5, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) query string to mambots/editors/mo...Show more
Multiple cross-site scripting (XSS) vulnerabilities in Mambo 4.6.2 and 4.6.5, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) query string to mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php and the (2) mosConfig_sitename parameter to administrator/popups/index3pop.php.Show less
CVE-2008-2990
2Joomla
Mambo
3Com Facileforms
Com FacileformsJoomla
Apr 23, 2026
Jul 2, 2008
N/A· v4
N/A· v3
7.5 HIGH· v2
PHP remote file inclusion vulnerability in facileforms.frame.php in the FacileForms (com_facileforms) component 1.4.4 for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the ff_compat...Show more
PHP remote file inclusion vulnerability in facileforms.frame.php in the FacileForms (com_facileforms) component 1.4.4 for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the ff_compath parameter.Show less
CVE-2008-2905
1Mambo
1Mambo
Apr 23, 2026
Jun 30, 2008
N/A· v4
N/A· v3
6.8 MEDIUM· v2
PHP remote file inclusion vulnerability in includes/Cache/Lite/Output.php in the Cache_Lite package in Mambo 4.6.4 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via...Show more
PHP remote file inclusion vulnerability in includes/Cache/Lite/Output.php in the Cache_Lite package in Mambo 4.6.4 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.Show less
CVE-2008-2500
1Mambo
1Mostlyce
Apr 23, 2026
May 29, 2008
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in the MOStlyContent Editor (MOStlyCE) component before 3.0 for Mambo allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-2095
3Joomla
MamboPage Flip Tools
3Com Flippingbook
Com FlippingbookFlipping Book
Apr 23, 2026
May 6, 2008
N/A· v4
N/A· v3
7.5 HIGH· v2
SQL injection vulnerability in index.php in the FlippingBook (com_flippingbook) 1.0.4 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter.
CVE-2008-2093
3Joomla
JoomlapolisMambo
3Com Comprofiler
Com ComprofilerCommunity Builder
Apr 23, 2026
May 6, 2008
N/A· v4
N/A· v3
7.5 HIGH· v2
SQL injection vulnerability in the Profiler (com_comprofiler) component in Community Builder for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the user parameter in a userProfile action...Show more
SQL injection vulnerability in the Profiler (com_comprofiler) component in Community Builder for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the user parameter in a userProfile action to index.php.Show less
CVE-2008-1540
2Joomla
Mambo
2Datsogallery
Datsogallery
Apr 23, 2026
Mar 28, 2008
N/A· v4
N/A· v3
7.5 HIGH· v2
SQL injection vulnerability in the Datsogallery (com_datsogallery) 1.3.1 module for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. NOTE:...Show more
SQL injection vulnerability in the Datsogallery (com_datsogallery) 1.3.1 module for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.Show less
CVE-2008-1297
3Ewriting
JoomlaMambo
3Com Ewriting
Com EwritingEwriting
Apr 23, 2026
Mar 12, 2008
N/A· v4
N/A· v3
7.5 HIGH· v2
SQL injection vulnerability in index.php in the eWriting (com_ewriting) 1.2.1 module for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a selectcat action.
CVE-2008-1137
2Joomla
Mambo
2Com Garyscookbook
Com Garyscookbook
Apr 23, 2026
Mar 4, 2008
N/A· v4
N/A· v3
7.5 HIGH· v2
SQL injection vulnerability in the Garys Cookbook (com_garyscookbook) 1.1.1 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to...Show more
SQL injection vulnerability in the Garys Cookbook (com_garyscookbook) 1.1.1 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php.Show less
CVE-2008-0855
2Joomla
Mambo
2Com Facileforms
Com Facileforms
Apr 23, 2026
Feb 21, 2008
N/A· v4
N/A· v3
7.5 HIGH· v2
SQL injection vulnerability in the Facile Forms (com_facileforms) component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.
CVE-2008-0854
2Joomla
Mambo
2Com Salesrep
Com Salesrep
Apr 23, 2026
Feb 21, 2008
N/A· v4
N/A· v3
7.5 HIGH· v2
SQL injection vulnerability in the com_salesrep component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the rid parameter in a showrep action to index.php.
CVE-2008-0853
2Joomla
Mambo
2Com Detail
Com Detail
Apr 23, 2026
Feb 21, 2008
N/A· v4
N/A· v3
7.5 HIGH· v2
SQL injection vulnerability in the com_detail component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: this issue might be site-specific. If so,...Show more
SQL injection vulnerability in the com_detail component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: this issue might be site-specific. If so, it should not be included in CVE.Show less
CVE-2008-0849
2Joomla
Mambo
2Com Downloads
Com Downloads
Apr 23, 2026
Feb 21, 2008
N/A· v4
N/A· v3
7.5 HIGH· v2
SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a selectcat function, a differe...Show more
SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a selectcat function, a different vector than CVE-2008-0652.Show less
CVE-2008-0846
2Joomla
Mambo
2Com Profile
Com Profile
Apr 23, 2026
Feb 20, 2008
N/A· v4
N/A· v3
7.5 HIGH· v2
SQL injection vulnerability in index.php in the com_profile component for Joomla! allows remote attackers to execute arbitrary SQL commands via the oid parameter.
CVE-2008-0841
2Joomla
Mambo
2Com Ricette Component
Com Ricette Component
Apr 23, 2026
Feb 20, 2008
N/A· v4
N/A· v3
7.5 HIGH· v2
SQL injection vulnerability in index.php in the Giorgio Nordo Ricette (com_ricette) 1.0 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-0832
2Joomla
Mambo
2Kemas Antonius Com Quran
Kemas Antonius Com Quran
Apr 23, 2026
Feb 20, 2008
N/A· v4
N/A· v3
7.5 HIGH· v2
SQL injection vulnerability in index.php in the Kemas Antonius com_quran 1.1 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the surano parameter in a viewayat ac...Show more
SQL injection vulnerability in index.php in the Kemas Antonius com_quran 1.1 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the surano parameter in a viewayat action.Show less
CVE-2008-0829
3Joomla
JoomlapixelMambo
3Jooget
JoomlaMambo
Apr 23, 2026
Feb 19, 2008
N/A· v4
N/A· v3
7.5 HIGH· v2
SQL injection vulnerability in jooget.php in the Joomlapixel Jooget! (com_jooget) 2.6.8 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail task.
CVE-2008-0817
2Joomla
Mambo
2Com Filebase Component
Com Filebase Component
Apr 23, 2026
Feb 19, 2008
N/A· v4
N/A· v3
7.5 HIGH· v2
SQL injection vulnerability in the com_filebase component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in a selectfolder action.
CVE-2008-0810
2Joomla
Mambo
2Com Scheduling Component
Com Scheduling Component
Apr 23, 2026
Feb 19, 2008
N/A· v4
N/A· v3
7.5 HIGH· v2
SQL injection vulnerability in the com_scheduling module for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter.