4 results (0.003 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

SQL injection vulnerability in Mambo LaiThai 4.5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Vulnerabilidad de inyección SQL en Mambo LaiThai 4.5.5 permite a atacantes remotos ejecutar comandos SQL de su elección a través vectores sin especificar. • http://secunia.com/advisories/28652 http://sourceforge.net/project/shownotes.php?group_id=192544&release_id=571300 http://www.securityfocus.com/bid/27483 http://www.vupen.com/english/advisories/2008/0316 https://exchange.xforce.ibmcloud.com/vulnerabilities/40013 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

Multiple unspecified vulnerabilities in Mambo LaiThai 4.5.5 have unknown impact and attack vectors related to (1) mod_login and (2) mod_template_chooser. Múltiples vulnerabilidades no especificadas en Mambo LaiThai 4.5.5 tienen un impacto desconocido y vectores de ataque relativos a (1) mod_login y (2) mod_template_chooser. • http://secunia.com/advisories/28652 http://sourceforge.net/project/shownotes.php?group_id=192544&release_id=571300 http://www.securityfocus.com/bid/27483 http://www.vupen.com/english/advisories/2008/0316 https://exchange.xforce.ibmcloud.com/vulnerabilities/40014 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

SQL injection vulnerability in includes/mambo.php in Mambo LaiThai 4.5.4 SP2 and earlier allows remote attackers to execute arbitrary SQL commands via the usercookie[password] cookie parameter. Vulnerabilidad de inyección SQL en includes/mambo.php en Mambo LaiThai 4.5.4 SP2 y anteriores permiten a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro cookie usercookie[password] • http://mamboxchange.com/forum/forum.php?forum_id=7767 http://secunia.com/advisories/22263 http://www.securityfocus.com/bid/20413 http://www.vupen.com/english/advisories/2006/3953 •

CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0

Cross-site scripting (XSS) vulnerability in Mambo LaiThai 4.5.4 Security Patch 2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Mambo LaiThai 4.5.4 Serucity Patch 2 y anteriores permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través de vectores no especificados. • http://mamboxchange.com/forum/forum.php?forum_id=7767 http://secunia.com/advisories/22263 http://www.securityfocus.com/bid/20458/info http://www.vupen.com/english/advisories/2006/3953 •