CVE-2006-7092
https://notcve.org/view.php?id=CVE-2006-7092
SQL injection vulnerability in includes/mambo.php in Mambo LaiThai 4.5.4 SP2 and earlier allows remote attackers to execute arbitrary SQL commands via the usercookie[password] cookie parameter. Vulnerabilidad de inyección SQL en includes/mambo.php en Mambo LaiThai 4.5.4 SP2 y anteriores permiten a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro cookie usercookie[password] • http://mamboxchange.com/forum/forum.php?forum_id=7767 http://secunia.com/advisories/22263 http://www.securityfocus.com/bid/20413 http://www.vupen.com/english/advisories/2006/3953 •
CVE-2006-7093
https://notcve.org/view.php?id=CVE-2006-7093
Cross-site scripting (XSS) vulnerability in Mambo LaiThai 4.5.4 Security Patch 2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Mambo LaiThai 4.5.4 Serucity Patch 2 y anteriores permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través de vectores no especificados. • http://mamboxchange.com/forum/forum.php?forum_id=7767 http://secunia.com/advisories/22263 http://www.securityfocus.com/bid/20458/info http://www.vupen.com/english/advisories/2006/3953 •