2 results (0.006 seconds)

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1

SQL injection vulnerability in the MambAds (com_mambads) component 1.0 RC1 Beta and 1.0 RC1 for Mambo allows remote attackers to execute arbitrary SQL commands via the ma_cat parameter in a view action to index.php, a different vector than CVE-2007-5177. Vulnerabilidad de inyección SQL en el componente MambAds (com_mambads) v1.0 RC1 Beta y v1.0 RC1 para Mambo; permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro ma_cata en una acción "view" (ver) en index.php. Se trata de una vulnerabilidad diferente de CVE-2007-5177. • https://www.exploit-db.com/exploits/5692 http://securityreason.com/securityalert/4630 http://www.securityfocus.com/bid/29433 https://exchange.xforce.ibmcloud.com/vulnerabilities/42747 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2

SQL injection vulnerability in index.php in the MambAds (com_mambads) 1.5 and earlier component for Mambo allows remote attackers to execute arbitrary SQL commands via the caid parameter. Vulnerabilidad de inyección SQL en index.ph pdel componente MambAds (com_mambads) 1.5 y anteriores para Mambo permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro caid. • https://www.exploit-db.com/exploits/4469 http://osvdb.org/38590 http://www.securityfocus.com/bid/25865 https://exchange.xforce.ibmcloud.com/vulnerabilities/36875 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •