Vulnerabilities > Mambo

DATE CVE VULNERABILITY TITLE RISK
2002-12-31 CVE-2002-1662 HTML Injection vulnerability in Mambo Site Server 4.0.11
Multiple cross-site scripting (XSS) vulnerabilities in Mambo Site Server 4.0.11 allow remote attackers to execute arbitrary script on other clients via (1) search.php and (2) the "Your name" field during account registration.
network
mambo
6.8
2001-07-25 CVE-2001-1011 Unspecified vulnerability in Mambo Site Server
index2.php in Mambo Site Server 3.0.0 through 3.0.5 allows remote attackers to gain Mambo administrator privileges by setting the PHPSESSID parameter and providing the appropriate administrator information in other parameters.
network
low complexity
mambo
critical
10.0