Vulnerabilities > Mamboxchange
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-01-30 | CVE-2008-0500 | SQL Injection And Unspecified vulnerability in Mamboxchange Laithai 4.5.5 Multiple unspecified vulnerabilities in Mambo LaiThai 4.5.5 have unknown impact and attack vectors related to (1) mod_login and (2) mod_template_chooser. | 10.0 |
| 2008-01-30 | CVE-2008-0499 | SQL Injection vulnerability in Mamboxchange Laithai 4.5.5 SQL injection vulnerability in Mambo LaiThai 4.5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2007-04-12 | CVE-2007-1992 | Remote File Include vulnerability in Mambo Com-Zoom Module MosConfig_Absolute_Path Multiple PHP remote file inclusion vulnerabilities in the com_zoom 2.5 beta 2 and earlier module for Mambo allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) EXIF_Makernote.php or (2) EXIF.php in classes/iptc/. | 7.5 |
| 2006-11-22 | CVE-2006-6051 | Remote File Include vulnerability in Mamboxchange Mosreporter 1.0 PHP remote file inclusion vulnerability in reporter.logic.php in the MosReporter (com_reporter) component for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | 7.5 |
| 2006-10-12 | CVE-2006-5254 | Remote File Include vulnerability in Extended Registration Component mosConfig_absolute_path PHP remote file inclusion vulnerability in registration_detailed.inc.php in Mark Van Bellen Detailed User Registration (com_registration_detailed), aka regdetailed, 4.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | 7.5 |
| 2006-09-19 | CVE-2006-4858 | Code Injection vulnerability in Mamboxchange Serverstat Component PHP remote file inclusion vulnerability in install.serverstat.php in the Serverstat (com_serverstat) 0.4.4 and earlier component for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | 6.8 |
| 2006-08-22 | CVE-2006-4282 | Remote File Include vulnerability in MamboWiki Component MamboLogin.PHP PHP remote file inclusion vulnerability in MamboLogin.php in the MamboWiki component (com_mambowiki) 0.9.6 and earlier for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the IP parameter. | 7.5 |
| 2006-08-21 | CVE-2006-4241 | Remote File Include vulnerability in Mamboxchange Reporter 1.0 PHP remote file inclusion vulnerability in processor/reporter.sql.php in the Reporter Mambo component (com_reporter) allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | 7.5 |
| 2006-08-17 | CVE-2006-4203 | Remote File Include vulnerability in Mambo Email Publisher Help.MMP.PHP PHP remote file inclusion vulnerability in help.mmp.php in the MMP Component (com_mmp) 1.2 and earlier for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | 7.5 |
| 2006-08-17 | CVE-2006-4195 | Code Injection vulnerability in Mamboxchange Peoplebook 1.0 PHP remote file inclusion vulnerability in param.peoplebook.php in the Peoplebook Component for Mambo (com_peoplebook) 1.0 and earlier, and possibly 1.1.2, when register_globals and allow_url_fopen are enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | 6.8 |