CVSS: 6.8EPSS: 1%CPEs: 1EXPL: 3CVE-2004-2072 – Mambo Open Source 4.6 - 'Itemid' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2004-2072
Cross-site scripting (XSS) vulnerability in index.php for Mambo Open Source 4.6, and possibly earlier versions, allows remote attackers to execute script on other clients via the Itemid parameter. • https://www.exploit-db.com/exploits/23657 http://www.securityfocus.com/bid/9588 http://www.systemsecure.org/advisories/ssadvisory06022004.php https://exchange.xforce.ibmcloud.com/vulnerabilities/15062 •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 3CVE-2004-1692 – Mambo Open Source 4.5.1 (1.0.9) - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2004-1692
Cross-site scripting (XSS) vulnerability in index.php in Mambo 4.5 (1.0.9) allows remote attackers to inject arbitrary web script or HTML via the (1) Itemid, (2) mosmsg, or (3) limit parameters. • https://www.exploit-db.com/exploits/24614 http://mamboforge.net/frs/shownotes.php?release_id=1672 http://marc.info/?l=bugtraq&m=109571849713158&w=2 http://www.osvdb.org/10179 http://www.securityfocus.com/bid/11220 https://exchange.xforce.ibmcloud.com/vulnerabilities/20616 •
CVSS: 7.5EPSS: 5%CPEs: 1EXPL: 3CVE-2004-1693 – Mambo Open Source 4.5.1 (1.0.9) - 'Function.php' Arbitrary Command Execution
https://notcve.org/view.php?id=CVE-2004-1693
PHP remote file inclusion vulnerability in Function.php in Mambo 4.5 (1.0.9) allows remote attackers to execute arbitrary PHP code by modifying the mosConfig_absolute_path parameter to reference a URL on a remote web server that contains the code. • https://www.exploit-db.com/exploits/24615 http://marc.info/?l=bugtraq&m=109571849713158&w=2 http://securitytracker.com/id?1011365 http://www.osvdb.org/10180 http://www.securityfocus.com/bid/11220 https://exchange.xforce.ibmcloud.com/vulnerabilities/17449 •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 3CVE-2004-1825 – Mambo Open Source 4.5 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
https://notcve.org/view.php?id=CVE-2004-1825
Cross-site scripting (XSS) vulnerability in index.php in Mambo Open Source 4.5 stable 1.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) return or (2) mos_change_template parameters. • https://www.exploit-db.com/exploits/23824 http://marc.info/?l=bugtraq&m=107945576020593&w=2 http://secunia.com/advisories/11140 http://www.osvdb.org/4308 http://www.osvdb.org/4665 http://www.securityfocus.com/bid/9890 https://exchange.xforce.ibmcloud.com/vulnerabilities/15499 •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 3CVE-2004-1826 – Mambo Open Source 4.5 - 'index.php' SQL Injection
https://notcve.org/view.php?id=CVE-2004-1826
SQL injection vulnerability in index.php in Mambo Open Source 4.5 stable 1.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. • https://www.exploit-db.com/exploits/23834 http://marc.info/?l=bugtraq&m=107945576020593&w=2 http://secunia.com/advisories/11140 http://www.osvdb.org/4307 http://www.securityfocus.com/bid/9891 https://exchange.xforce.ibmcloud.com/vulnerabilities/15500 •