CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 2CVE-2008-0510 – Mambo Component 'com_newsletter' 4.5 - 'listid' SQL Injection
https://notcve.org/view.php?id=CVE-2008-0510
SQL injection vulnerability in index.php in the Newsletter (com_newsletter) component for Mambo 4.5 and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter. Vulnerabilidad de inyección SQL en index.php en los componentes Newsletter (com_newsletter) para Mambo 4.5 y Joomla!. Permite a atacantes remotos ejecutar comandos SQL arbitrarios a través del parámetro listid. • https://www.exploit-db.com/exploits/5007 http://www.securityfocus.com/bid/27502 http://www.vupen.com/english/advisories/2008/0354 https://exchange.xforce.ibmcloud.com/vulnerabilities/40036 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2CVE-2008-0511 – Mambo Component 'com_mamml' - 'listid' SQL Injection
https://notcve.org/view.php?id=CVE-2008-0511
SQL injection vulnerability in index.php in the MaMML (com_mamml) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter. Vulnerabilidad de inyección SQL en index.php en el componente MaMML (com_mamml) para Mambo y Joomla!. Permite a atacantes remotos ejecutar comandos SQL arbitrarios a través del parámetro listid. • https://www.exploit-db.com/exploits/5009 http://www.securityfocus.com/bid/27503 http://www.vupen.com/english/advisories/2008/0356 https://exchange.xforce.ibmcloud.com/vulnerabilities/40037 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2CVE-2008-0514 – Mambo Component 'com_glossary' 2.0 - 'catid' SQL Injection
https://notcve.org/view.php?id=CVE-2008-0514
SQL injection vulnerability in index.php in the Glossary (com_glossary) 2.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a display action. Vulnerabilidad de inyección SQL en index.php en el componente Glossary (com_glossary) 2.0 para Mambo y Joomla!. Permite a atacantes remotos ejecutar comandos SQL arbitrarios a través del parámetro catid en una acción de visualización. • https://www.exploit-db.com/exploits/5010 http://www.securityfocus.com/bid/27505 http://www.vupen.com/english/advisories/2008/0357 https://exchange.xforce.ibmcloud.com/vulnerabilities/40038 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2CVE-2008-0515 – Mambo Component musepoes - 'aid' SQL Injection
https://notcve.org/view.php?id=CVE-2008-0515
SQL injection vulnerability in index.php in the musepoes (com_musepoes) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an answer action. Vulnerabilidad de inyección SQL en index.php en la componente musepoes (com_musepoes) para Mambo y Joomla!. Permite a un atacante remoto ejecutar comandos SQL arbitrarios a través del parámetro aid en una acción de respuesta. • https://www.exploit-db.com/exploits/5011 http://www.securityfocus.com/bid/27507 http://www.vupen.com/english/advisories/2008/0358 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2008-0261
https://notcve.org/view.php?id=CVE-2008-0261
Unspecified vulnerability in the search component and module in Mambo 4.5.x and 4.6.x allows remote attackers to cause a denial of service (query flood) via unspecified vectors. Vulnerabilidad no especificada en el componente y módulo search en Mambo 4.5.x y 4.6.x permite a atacantes remotos provocar denegación de servicio (inundación de consultas) a través de vectores no especificados. • http://forum.mambo-foundation.org/showthread.php?t=9651 http://secunia.com/advisories/28392 http://www.securityfocus.com/bid/27239 https://exchange.xforce.ibmcloud.com/vulnerabilities/39613 • CWE-399: Resource Management Errors •