Vulnerabilities > Mambo
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-02-12 | CVE-2008-0721 | SQL Injection vulnerability in Mambo COM Sermon 0.2 SQL injection vulnerability in index.php in the Sermon (com_sermon) 0.2 component for Mambo allows remote attackers to execute arbitrary SQL commands via the gid parameter. | 7.5 |
| 2008-02-12 | CVE-2008-0686 | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the NeoReferences (com_neoreferences) 1.3.1 and 1.3.3 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter. | 7.5 |
| 2008-02-07 | CVE-2008-0652 | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in a selectfolder action. | 7.5 |
| 2008-02-06 | CVE-2008-0607 | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the Sigsiu Online Business Index 2 (SOBI2, com_sobi2) 2.5.3 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter. | 7.5 |
| 2008-02-06 | CVE-2008-0606 | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the Shambo2 (com_shambo2) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter. | 7.5 |
| 2008-02-06 | CVE-2008-0603 | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the amazOOP Awesom! (com_awesom) 0.3.2component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter in a viewlist task. | 7.5 |
| 2008-02-04 | CVE-2008-0561 | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the Arthur Konze AkoGallery (com_akogallery) 2.5 beta component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | 7.5 |
| 2008-01-31 | CVE-2008-0519 | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the Atapin Jokes (com_jokes) 1.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a CatView action. | 7.5 |
| 2008-01-31 | CVE-2008-0518 | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the Recipes (com_recipes) 1.00 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | 7.5 |
| 2008-01-31 | CVE-2008-0517 | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the Darko Selesi EstateAgent (com_estateagent) 0.1 component for Mambo 4.5.x and Joomla! allows remote attackers to execute arbitrary SQL commands via the objid parameter in a contact showObject action. | 7.5 |