CVSS: 2.6EPSS: 2%CPEs: 10EXPL: 3CVE-2005-3738 – Mambo 4.5.2 - Globals Overwrite / Remote Command Execution
https://notcve.org/view.php?id=CVE-2005-3738
globals.php in Mambo Site Server 4.0.14 and earlier, when register_globals is disabled, allows remote attackers to overwrite variables in the GLOBALS array and conduct various attacks, as demonstrated using the mosConfig_absolute_path parameter to content.html.php for remote PHP file inclusion. globals.php en Mambo Site Server 4.0.14 y anteriores, cuando "register_globals" está desactivado, permite a atacantes remotos sobreescribir variables mediante el 'array' "GLOBALS" y llevar a cabo varios ataques, como se ha demostrado usando el parámetro "mosConfig_absolute_path" de content.html.php para inclusión remota de PHP. • https://www.exploit-db.com/exploits/1337 http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0520.html http://forum.mamboserver.com/showthread.php?t=66154 http://secunia.com/advisories/17622 http://securitytracker.com/id?1015258 http://www.securityfocus.com/archive/1/417215 http://www.securityfocus.com/archive/1/426942/100/0/threaded http://www.securityfocus.com/archive/1/427196/100/0/threaded http://www.securityfocus.com/bid/15461 http://www.vupen.com/english/advi •
CVSS: 10.0EPSS: 6%CPEs: 1EXPL: 3CVE-2003-1245 – Mambo Site Server 4.0.12 RC2 - Cookie Validation
https://notcve.org/view.php?id=CVE-2003-1245
index2.php in Mambo 4.0.12 allows remote attackers to gain administrator access via a URL request where session_id is set to the MD5 hash of a session cookie. • https://www.exploit-db.com/exploits/22281 http://archives.neohapsis.com/archives/bugtraq/2003-02/0302.html http://www.securityfocus.com/bid/6926 https://exchange.xforce.ibmcloud.com/vulnerabilities/11398 •
CVSS: 6.8EPSS: 3%CPEs: 2EXPL: 1CVE-2003-1204
https://notcve.org/view.php?id=CVE-2003-1204
Multiple cross-site scripting (XSS) vulnerabilities in Mambo Site Server 4.0.12 BETA and earlier allow remote attackers to execute script on other clients via (1) the link parameter in sectionswindow.php, the directory parameter in (2) gallery.php, (3) navigation.php, or (4) uploadimage.php, the path parameter in (5) view.php, (6) the choice parameter in upload.php, (7) the sitename parameter in mambosimple.php, (8) the type parameter in upload.php, or the id parameter in (9) emailarticle.php, (10) emailfaq.php, or (11) emailnews.php. • http://www.osvdb.org/7495 http://www.osvdb.org/7496 http://www.osvdb.org/7497 http://www.osvdb.org/7498 http://www.osvdb.org/7499 http://www.osvdb.org/7500 http://www.osvdb.org/7501 http://www.osvdb.org/7502 http://www.osvdb.org/7503 http://www.osvdb.org/7504 http://www.osvdb.org/7505 http://www.securityfocus.com/archive/1/306206 http://www.securityfocus.com/bid/6571 https://exchange.xforce.ibmcloud.com/vulnerabilities/11050 •