Vulnerabilities > Mambo Foundation > Mambo > 4.6.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-12-08 | CVE-2011-2917 | SQL Injection vulnerability in Mambo-Foundation Mambo SQL injection vulnerability in administrator/index2.php in Mambo CMS 4.6.5 and earlier allows remote attackers to execute arbitrary SQL commands via the zorder parameter. | 7.5 |