Vulnerabilities > Mambo > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-02-14 | CVE-2008-0773 | SQL Injection vulnerability in multiple products SQL injection vulnerability in Phil Taylor Comments (com_comments, aka Review Script) 0.5.8.5g and earlier component for Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
| 2008-02-14 | CVE-2008-0772 | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the com_doc component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the sid parameter in a view task. | 7.5 |
| 2008-02-13 | CVE-2008-0752 | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the Neogallery (com_neogallery) 1.1 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a show action. | 7.5 |
| 2008-02-13 | CVE-2008-0746 | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the Gallery (com_gallery) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | 7.5 |
| 2008-02-12 | CVE-2008-0721 | SQL Injection vulnerability in Mambo COM Sermon 0.2 SQL injection vulnerability in index.php in the Sermon (com_sermon) 0.2 component for Mambo allows remote attackers to execute arbitrary SQL commands via the gid parameter. | 7.5 |
| 2008-02-12 | CVE-2008-0686 | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the NeoReferences (com_neoreferences) 1.3.1 and 1.3.3 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter. | 7.5 |
| 2008-02-07 | CVE-2008-0652 | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in a selectfolder action. | 7.5 |
| 2008-02-06 | CVE-2008-0607 | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the Sigsiu Online Business Index 2 (SOBI2, com_sobi2) 2.5.3 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter. | 7.5 |
| 2008-02-06 | CVE-2008-0606 | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the Shambo2 (com_shambo2) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter. | 7.5 |
| 2008-02-06 | CVE-2008-0603 | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the amazOOP Awesom! (com_awesom) 0.3.2component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter in a viewlist task. | 7.5 |