Vulnerabilities > CVE-2007-4505 - SQL-Injection vulnerability in Mambo

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

mambo

mamboserver

exploit available

NVD

Published: 2007-08-23

Updated: 2017-09-29

Summary

SQL injection vulnerability in index.php in the RemoSitory component (com_remository) for Mambo allows remote attackers to execute arbitrary SQL commands via the cat parameter in a selectcat action.

Vulnerable Configurations

Part	Description	Count
Application	Mambo Mambo Remository *	1
Application	Mamboserver Mamboserver Mambo *	1

Exploit-Db

description	Mambo Component RemoSitory (cat) Remote SQL Injection Vulnerability. CVE-2007-4505. Webapps exploit for php platform
file	exploits/php/webapps/4306.txt
id	EDB-ID:4306
last seen	2016-01-31
modified	2007-08-23
platform	php
port
published	2007-08-23
reporter	ajann
source	https://www.exploit-db.com/download/4306/
title	Mambo Component RemoSitory cat Remote SQL Injection Vulnerability
type	webapps

Summary

Vulnerable Configurations

Exploit-Db

References