Vulnerabilities > CVE-2004-1692 - Unspecified vulnerability in Mambo Open Source 4.51.0.9

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

mambo

exploit available

NVD

Published: 2004-09-18

Updated: 2017-07-11

Summary

Cross-site scripting (XSS) vulnerability in index.php in Mambo 4.5 (1.0.9) allows remote attackers to inject arbitrary web script or HTML via the (1) Itemid, (2) mosmsg, or (3) limit parameters.

Vulnerable Configurations

Part	Description	Count
Application	Mambo Mambo Mambo Open Source 4.5_1.0.9	1

Exploit-Db

description	Mambo Open Source 4.5.1 (1.0.9) XSS. CVE-2004-1692. Webapps exploit for php platform
id	EDB-ID:24614
last seen	2016-02-02
modified	2004-09-20
published	2004-09-20
reporter	Joxean Koret
source	https://www.exploit-db.com/download/24614/
title	Mambo Open Source 4.5.1 1.0.9 - XSS

References

http://mamboforge.net/frs/shownotes.php?release_id=1672
http://www.securityfocus.com/bid/11220
http://www.osvdb.org/10179
http://marc.info/?l=bugtraq&m=109571849713158&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/20616