Vulnerabilities > Mambo
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-03-24 | CVE-2008-1460 | SQL Injection vulnerability in Joomlapixel COM Joovideo 1.0/1.2.2 SQL injection vulnerability in the Joovideo (com_joovideo) 1.0 and 1.2.2 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | 7.5 |
| 2008-03-24 | CVE-2008-1459 | SQL Injection vulnerability in multiple products SQL injection vulnerability in the Alberghi (com_alberghi) 2.1.3 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | 7.5 |
| 2008-03-12 | CVE-2008-1297 | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the eWriting (com_ewriting) 1.2.1 module for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a selectcat action. | 7.5 |
| 2008-03-04 | CVE-2008-1137 | SQL Injection vulnerability in multiple products SQL injection vulnerability in the Garys Cookbook (com_garyscookbook) 1.1.1 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | 7.5 |
| 2008-02-21 | CVE-2008-0855 | SQL Injection vulnerability in multiple products SQL injection vulnerability in the Facile Forms (com_facileforms) component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | 7.5 |
| 2008-02-21 | CVE-2008-0854 | SQL Injection vulnerability in multiple products SQL injection vulnerability in the com_salesrep component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the rid parameter in a showrep action to index.php. | 7.5 |
| 2008-02-21 | CVE-2008-0853 | SQL Injection vulnerability in multiple products SQL injection vulnerability in the com_detail component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | 7.5 |
| 2008-02-21 | CVE-2008-0849 | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a selectcat function, a different vector than CVE-2008-0652. | 7.5 |
| 2008-02-20 | CVE-2008-0846 | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the com_profile component for Joomla! allows remote attackers to execute arbitrary SQL commands via the oid parameter. | 7.5 |
| 2008-02-20 | CVE-2008-0841 | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the Giorgio Nordo Ricette (com_ricette) 1.0 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |