Vulnerabilities > CVE-2001-1011 - Unspecified vulnerability in Mambo Site Server

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

mambo

critical

NVD

Published: 2001-07-25

Updated: 2017-10-10

Summary

index2.php in Mambo Site Server 3.0.0 through 3.0.5 allows remote attackers to gain Mambo administrator privileges by setting the PHPSESSID parameter and providing the appropriate administrator information in other parameters.

Vulnerable Configurations

Part	Description	Count
Application	Mambo Mambo Mambo Site Server 3.0 Mambo Mambo Site Server 3.0.1 Mambo Mambo Site Server 3.0.2 Mambo Mambo Site Server 3.0.3 Mambo Mambo Site Server 3.0.4 Mambo Mambo Site Server 3.0.5	6

References

http://archives.neohapsis.com/archives/bugtraq/2001-07/0569.html
http://prdownloads.sourceforge.net/mambo/mambov3.0.6.tar.gz
http://www.osvdb.org/1911
http://www.securityfocus.com/bid/3093
https://exchange.xforce.ibmcloud.com/vulnerabilities/6910