CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2CVE-2008-0515 – Mambo Component musepoes - 'aid' SQL Injection
https://notcve.org/view.php?id=CVE-2008-0515
SQL injection vulnerability in index.php in the musepoes (com_musepoes) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an answer action. Vulnerabilidad de inyección SQL en index.php en la componente musepoes (com_musepoes) para Mambo y Joomla!. Permite a un atacante remoto ejecutar comandos SQL arbitrarios a través del parámetro aid en una acción de respuesta. • https://www.exploit-db.com/exploits/5011 http://www.securityfocus.com/bid/27507 http://www.vupen.com/english/advisories/2008/0358 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 20EXPL: 1CVE-2008-0517 – Mambo Component EstateAgent 0.1 - SQL Injection
https://notcve.org/view.php?id=CVE-2008-0517
SQL injection vulnerability in index.php in the Darko Selesi EstateAgent (com_estateagent) 0.1 component for Mambo 4.5.x and Joomla! allows remote attackers to execute arbitrary SQL commands via the objid parameter in a contact showObject action. Vulnerabilidad de inyección SQL en idex.php en el componente Darko Selesi EstateAgent (com_estateagent) 0.1 para Mambo 4.5.x y Joomla!. Permite a atacantes remotos ejecutar comandos SQL arbitrarios a través del parámetro objid en una acción de contacto showObject. • https://www.exploit-db.com/exploits/5016 http://www.securityfocus.com/bid/27520 http://www.vupen.com/english/advisories/2008/0362 https://exchange.xforce.ibmcloud.com/vulnerabilities/40060 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2008-0518 – Mambo Component Recipes 1.00 - 'id' SQL Injection
https://notcve.org/view.php?id=CVE-2008-0518
SQL injection vulnerability in index.php in the Recipes (com_recipes) 1.00 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. Vulnerabilidad de inyección SQL en index.php en el componente Recipes (com_recipes) 1.00 para Mambo y Joomla!. Permite a atacantes remotos ejecutar comandos SQL arbitrarios a través del parámetro id en una acción de detalle. • https://www.exploit-db.com/exploits/5014 http://www.securityfocus.com/bid/27519 http://www.vupen.com/english/advisories/2008/0360 https://exchange.xforce.ibmcloud.com/vulnerabilities/40064 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2008-0519 – Mambo Component jokes 1.0 - 'cat' SQL Injection
https://notcve.org/view.php?id=CVE-2008-0519
SQL injection vulnerability in index.php in the Atapin Jokes (com_jokes) 1.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a CatView action. Vulnerabilidad de inyección SQL en index.php en el componente Atapin Jokes (com_jokes) 1.0 para Mambo y Joomla!. Permite a atacantes remotos ejecutar comandos SQL arbitrarios a través del parámetro cat en una acción CatView. • https://www.exploit-db.com/exploits/5015 http://www.securityfocus.com/bid/27522 http://www.vupen.com/english/advisories/2008/0361 https://exchange.xforce.ibmcloud.com/vulnerabilities/40067 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0CVE-2008-0261
https://notcve.org/view.php?id=CVE-2008-0261
Unspecified vulnerability in the search component and module in Mambo 4.5.x and 4.6.x allows remote attackers to cause a denial of service (query flood) via unspecified vectors. Vulnerabilidad no especificada en el componente y módulo search en Mambo 4.5.x y 4.6.x permite a atacantes remotos provocar denegación de servicio (inundación de consultas) a través de vectores no especificados. • http://forum.mambo-foundation.org/showthread.php?t=9651 http://secunia.com/advisories/28392 http://www.securityfocus.com/bid/27239 https://exchange.xforce.ibmcloud.com/vulnerabilities/39613 • CWE-399: Resource Management Errors •