CVE-2005-3738 – Mambo 4.5.2 - Globals Overwrite / Remote Command Execution
https://notcve.org/view.php?id=CVE-2005-3738
globals.php in Mambo Site Server 4.0.14 and earlier, when register_globals is disabled, allows remote attackers to overwrite variables in the GLOBALS array and conduct various attacks, as demonstrated using the mosConfig_absolute_path parameter to content.html.php for remote PHP file inclusion. globals.php en Mambo Site Server 4.0.14 y anteriores, cuando "register_globals" está desactivado, permite a atacantes remotos sobreescribir variables mediante el 'array' "GLOBALS" y llevar a cabo varios ataques, como se ha demostrado usando el parámetro "mosConfig_absolute_path" de content.html.php para inclusión remota de PHP. • https://www.exploit-db.com/exploits/1337 http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0520.html http://forum.mamboserver.com/showthread.php?t=66154 http://secunia.com/advisories/17622 http://securitytracker.com/id?1015258 http://www.securityfocus.com/archive/1/417215 http://www.securityfocus.com/archive/1/426942/100/0/threaded http://www.securityfocus.com/archive/1/427196/100/0/threaded http://www.securityfocus.com/bid/15461 http://www.vupen.com/english/advi •
CVE-2005-3586
https://notcve.org/view.php?id=CVE-2005-3586
content.php in Mambo 4.5.2 through 4.5.2.3 allows remote attackers to obtain the installation path of the application via a URL that causes the application to return an error. • http://irannetjob.com/content/view/153/28 http://marc.info/?l=bugtraq&m=113106195532404&w=2 •
CVE-2005-2002 – Mambo 4.5.2.1 - Fetch Password Hash
https://notcve.org/view.php?id=CVE-2005-2002
SQL injection vulnerability in content.php in Mambo 4.5.2.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user_rating parameter. • https://www.exploit-db.com/exploits/1049 http://mamboforge.net/frs/download.php/6153/CHANGELOG http://marc.info/?l=bugtraq&m=111885974124936&w=2 http://secunia.com/advisories/15710 http://securitytracker.com/id?1014222 http://www.osvdb.org/17323 http://www.securityfocus.com/bid/13966 •
CVE-2005-0512
https://notcve.org/view.php?id=CVE-2005-0512
PHP remote file inclusion vulnerability in Tar.php in Mambo 4.5.2 allows remote attackers to execute arbitrary PHP code by modifying the mosConfig_absolute_path parameter to reference a URL on a remote web server that contains the code, a different vulnerability than CVE-2004-1693. • http://mamboforge.net/frs/download.php/4043/Patch_4.5.2_to_4.5.2.1.zip http://secunia.com/advisories/14337 •
CVE-2004-2143 – Remository - SQL Injection
https://notcve.org/view.php?id=CVE-2004-2143
SQL injection vulnerability in the ReMOSitory Server add-on module to Mambo Portal 4.5.1 (1.09) and earlier allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in the com_remository option. • https://www.exploit-db.com/exploits/24613 http://archives.neohapsis.com/archives/bugtraq/2004-09/0215.html http://archives.neohapsis.com/archives/bugtraq/2004-09/0249.html http://secunia.com/advisories/12597 http://securitytracker.com/id?1011356 http://www.mamboportal.com/content/view/1615 http://www.osvdb.org/10040 http://www.securityfocus.com/bid/11219 https://exchange.xforce.ibmcloud.com/vulnerabilities/17441 •