17 results (0.011 seconds)

CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 6

SQL injection vulnerability in administrator/index2.php in Mambo CMS 4.6.5 and earlier allows remote attackers to execute arbitrary SQL commands via the zorder parameter. Vulnerabilidad de inyección SQL en administrator/index2.php en Mambo CMS v4.6.5 y anteriores, permite a usuarios remotos ejecutar comandos SQL de su elección a través del parámetro zorder. • https://www.exploit-db.com/exploits/18110 http://www.exploit-db.com/exploits/18110 http://www.openwall.com/lists/oss-security/2011/08/12/6 http://www.osvdb.org/74502 http://www.securityfocus.com/bid/49130 http://yehg.net/lab/pr0js/advisories/%5Bmambo4.6_x%5D_sql_injection • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 2

Cross-site request forgery (CSRF) vulnerability in administrator/index2.php in MOStlyCE before 2.4, as used in Mambo 4.6.3 and earlier, allows remote attackers to hijack the authentication of administrators for requests that add new administrator accounts via the save task in a com_users action, as demonstrated using a separate XSS vulnerability in mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php. Vulnerabilidad de falsificación de petición en sitios cruzados (CSRF) en administrator/index2.php en MOStlyCE anterior a la v2.4, como la usada en Mambo v4.6.3, permite a atacantes remotos secuestrar la autenticación de administradores para peticiones que añaden nuevas cuentas de administradores a través de una tarea guardada en una acción com_users, como se demostró usando una vulnerabilidad cross site scripting (XSS) separada en mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php. • http://archives.neohapsis.com/archives/bugtraq/2008-02/0444.html http://forum.mambo-foundation.org/showthread.php?t=10158 http://osvdb.org/42531 http://secunia.com/advisories/28670 http://www.bugreport.ir/index_33.htm http://www.securityfocus.com/archive/1/487128/100/200/threaded http://www.vupen.com/english/advisories/2008/0325 https://exchange.xforce.ibmcloud.com/vulnerabilities/39985 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 5.8EPSS: 2%CPEs: 3EXPL: 2

The Image Manager in MOStlyCE before 2.4, as used in Mambo 4.6.3 and earlier, allows remote attackers to rename arbitrary files and cause a denial of service via modified file[NewFile][name], file[NewFile][tmp_name], and file[NewFile][size] parameters in a FileUpload command, which are used to modify equivalent variables in $_FILES that are accessed when the is_uploaded_file check fails. El Image Manager en MOStlyCE anteriores a v2.4, como las usadas en Mambo v4.6.3 y anteriores, permite a atacantes remotos renombrar ficheros de su elección y provocar una denegación de servicio a través de la modificación de los parámetros file[NewFile][name], file[NewFile][tmp_name], y file[NewFile][size] en un comando FileUpload, que es usado para modificar las variables equivalentes en $_FILES que son accedidas cuando la comprobación is_uploaded_file falla. • http://archives.neohapsis.com/archives/bugtraq/2008-02/0444.html http://forum.mambo-foundation.org/showthread.php?t=10158 http://osvdb.org/42532 http://secunia.com/advisories/28670 http://www.bugreport.ir/index_33.htm http://www.securityfocus.com/archive/1/487128/100/200/threaded http://www.securityfocus.com/bid/27472 http://www.vupen.com/english/advisories/2008/0325 https://exchange.xforce.ibmcloud.com/vulnerabilities/39986 • CWE-20: Improper Input Validation •

CVSS: 4.3EPSS: 4%CPEs: 3EXPL: 3

Cross-site scripting (XSS) vulnerability in mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php in MOStlyCE before 2.4, as used in Mambo 4.6.3 and earlier, allows remote attackers to inject arbitrary web script or HTML via the Command parameter. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php en MOStlyCE y anteriores a la v2.4, como la usada en Mambo v4.6.3 y anteriores, permite a los atacantes remotos inyectar arbitrariamente una secuencia de comandos web o HTML a través del parámetro Command. • https://www.exploit-db.com/exploits/31066 http://archives.neohapsis.com/archives/bugtraq/2008-02/0444.html http://forum.mambo-foundation.org/showthread.php?t=10158 http://osvdb.org/42530 http://secunia.com/advisories/28670 http://www.bugreport.ir/index_33.htm http://www.securityfocus.com/archive/1/487128/100/200/threaded http://www.securityfocus.com/bid/27470 http://www.vupen.com/english/advisories/2008/0325 https://exchange.xforce.ibmcloud.com/vulnerabilities/39984 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 1

MOStlyCE before 2.4, as used in Mambo 4.6.3 and earlier, allows remote attackers to obtain sensitive information via certain requests to mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php, which reveals the installation path in an error message. MOStlyCE anteriores a la v2.4, como la usada en Mambo v4.6.3 y anteriores, permiten a atacantes remotos obtener información sensible a través de determinadas peticiones sobre mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php el cual revela el path de instalación en un mensaje de error. • http://archives.neohapsis.com/archives/bugtraq/2008-02/0444.html http://forum.mambo-foundation.org/showthread.php?t=10158 http://osvdb.org/42529 http://secunia.com/advisories/28670 http://www.bugreport.ir/index_33.htm http://www.securityfocus.com/archive/1/487128/100/200/threaded http://www.vupen.com/english/advisories/2008/0325 https://exchange.xforce.ibmcloud.com/vulnerabilities/39983 • CWE-264: Permissions, Privileges, and Access Controls •