← Back

Mamboxchange

mamboxchange

15 CVEs • 12 products

Products (12)

Click to collapse
Toggle
Laithai
laithai
4 CVEs
Simpleboard
simpleboard
1 CVE
Loudmouth
loudmouth
1 CVE
A6mambohelpdesk
a6mambohelpdesk
1 CVE
Peoplebook
peoplebook
1 CVE
Mambo Email Publisher
mambo_email_publisher
1 CVE
Reporter
reporter
1 CVE
Mambowiki
mambowiki
1 CVE
Serverstat Component
serverstat_component
1 CVE
Extended Registration
extended_registration
1 CVE
Mosreporter
mosreporter
1 CVE
Com Zoom
com_zoom
1 CVE

CVEs (15)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2008-0500
1Mamboxchange
1Laithai
Apr 23, 2026
Jan 30, 2008
N/A· v4
N/A· v3
10.0 HIGH· v2
Multiple unspecified vulnerabilities in Mambo LaiThai 4.5.5 have unknown impact and attack vectors related to (1) mod_login and (2) mod_template_chooser.
CVE-2008-0499
1Mamboxchange
1Laithai
Apr 23, 2026
Jan 30, 2008
N/A· v4
N/A· v3
7.5 HIGH· v2
SQL injection vulnerability in Mambo LaiThai 4.5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2007-1992
1Mamboxchange
1Com Zoom
Apr 23, 2026
Apr 12, 2007
N/A· v4
N/A· v3
7.5 HIGH· v2
Multiple PHP remote file inclusion vulnerabilities in the com_zoom 2.5 beta 2 and earlier module for Mambo allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) EX...Show more
Multiple PHP remote file inclusion vulnerabilities in the com_zoom 2.5 beta 2 and earlier module for Mambo allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) EXIF_Makernote.php or (2) EXIF.php in classes/iptc/.Show less
CVE-2006-7093
1Mamboxchange
1Laithai
Apr 23, 2026
Mar 2, 2007
N/A· v4
N/A· v3
5.8 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in Mambo LaiThai 4.5.4 Security Patch 2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2006-7092
1Mamboxchange
1Laithai
Apr 23, 2026
Mar 2, 2007
N/A· v4
N/A· v3
7.5 HIGH· v2
SQL injection vulnerability in includes/mambo.php in Mambo LaiThai 4.5.4 SP2 and earlier allows remote attackers to execute arbitrary SQL commands via the usercookie[password] cookie parameter.
CVE-2006-6051
1Mamboxchange
1Mosreporter
Apr 23, 2026
Nov 22, 2006
N/A· v4
N/A· v3
7.5 HIGH· v2
PHP remote file inclusion vulnerability in reporter.logic.php in the MosReporter (com_reporter) component for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_pa...Show more
PHP remote file inclusion vulnerability in reporter.logic.php in the MosReporter (com_reporter) component for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.Show less
CVE-2006-5254
1Mamboxchange
1Extended Registration
Apr 23, 2026
Oct 12, 2006
N/A· v4
N/A· v3
7.5 HIGH· v2
PHP remote file inclusion vulnerability in registration_detailed.inc.php in Mark Van Bellen Detailed User Registration (com_registration_detailed), aka regdetailed, 4.1 and earlier allows remote attackers to execute arbi...Show more
PHP remote file inclusion vulnerability in registration_detailed.inc.php in Mark Van Bellen Detailed User Registration (com_registration_detailed), aka regdetailed, 4.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.Show less
CVE-2006-4858
1Mamboxchange
1Serverstat Component
Apr 16, 2026
Sep 19, 2006
N/A· v4
N/A· v3
6.8 MEDIUM· v2
PHP remote file inclusion vulnerability in install.serverstat.php in the Serverstat (com_serverstat) 0.4.4 and earlier component for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_...Show more
PHP remote file inclusion vulnerability in install.serverstat.php in the Serverstat (com_serverstat) 0.4.4 and earlier component for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.Show less
CVE-2006-4282
1Mamboxchange
1Mambowiki
Apr 16, 2026
Aug 22, 2006
N/A· v4
N/A· v3
7.5 HIGH· v2
PHP remote file inclusion vulnerability in MamboLogin.php in the MamboWiki component (com_mambowiki) 0.9.6 and earlier for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the IP param...Show more
PHP remote file inclusion vulnerability in MamboLogin.php in the MamboWiki component (com_mambowiki) 0.9.6 and earlier for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the IP parameter.Show less
CVE-2006-4241
1Mamboxchange
1Reporter
Apr 16, 2026
Aug 21, 2006
N/A· v4
N/A· v3
7.5 HIGH· v2
PHP remote file inclusion vulnerability in processor/reporter.sql.php in the Reporter Mambo component (com_reporter) allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path paramete...Show more
PHP remote file inclusion vulnerability in processor/reporter.sql.php in the Reporter Mambo component (com_reporter) allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.Show less
CVE-2006-4203
1Mamboxchange
1Mambo Email Publisher
Apr 16, 2026
Aug 17, 2006
N/A· v4
N/A· v3
7.5 HIGH· v2
PHP remote file inclusion vulnerability in help.mmp.php in the MMP Component (com_mmp) 1.2 and earlier for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVE-2006-4195
1Mamboxchange
1Peoplebook
Apr 16, 2026
Aug 17, 2006
N/A· v4
N/A· v3
6.8 MEDIUM· v2
PHP remote file inclusion vulnerability in param.peoplebook.php in the Peoplebook Component for Mambo (com_peoplebook) 1.0 and earlier, and possibly 1.1.2, when register_globals and allow_url_fopen are enabled, allows re...Show more
PHP remote file inclusion vulnerability in param.peoplebook.php in the Peoplebook Component for Mambo (com_peoplebook) 1.0 and earlier, and possibly 1.1.2, when register_globals and allow_url_fopen are enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.Show less
CVE-2006-3930
1Mamboxchange
1A6mambohelpdesk
Apr 16, 2026
Jul 31, 2006
N/A· v4
N/A· v3
7.5 HIGH· v2
PHP remote file inclusion vulnerability in admin.a6mambohelpdesk.php in a6mambohelpdesk Mambo Component 18RC1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site paramet...Show more
PHP remote file inclusion vulnerability in admin.a6mambohelpdesk.php in a6mambohelpdesk Mambo Component 18RC1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter.Show less
CVE-2006-3748
1Mamboxchange
1Loudmouth
Apr 16, 2026
Jul 21, 2006
N/A· v4
N/A· v3
6.8 MEDIUM· v2
PHP remote file inclusion vulnerability in includes/abbc/abbc.class.php in the LoudMouth Component for Mambo 4.0j, and possibly other versions including 4.1, allows remote attackers to execute arbitrary PHP code via a UR...Show more
PHP remote file inclusion vulnerability in includes/abbc/abbc.class.php in the LoudMouth Component for Mambo 4.0j, and possibly other versions including 4.1, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.Show less
CVE-2006-3528
1Mamboxchange
1Simpleboard
Apr 16, 2026
Jul 12, 2006
N/A· v4
N/A· v3
6.8 MEDIUM· v2
Multiple PHP remote file inclusion vulnerabilities in Simpleboard Mambo module 1.1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the sbp parameter to (1) image_upload.php and (2) file_up...Show more
Multiple PHP remote file inclusion vulnerabilities in Simpleboard Mambo module 1.1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the sbp parameter to (1) image_upload.php and (2) file_upload.php.Show less