Mambo CVEs and Security Vulnerabilities

Export limit exceeded: 324770 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (26 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2008-6234	2 Joomla, Mambo-foundation	4 Com Musica, Joomla, Com Musica and 1 more	2025-04-09	N/A
SQL injection vulnerability in the com_musica module in Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
CVE-2009-0380	3 Joomla, Mambo-foundation, Sigsiu.net	3 Joomla, Mambo, Sobi2	2025-04-09	N/A
SQL injection vulnerability in the Sigsiu Online Business Index 2 (SOBI2, com_sobi2) RC 2.8.2 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the bid parameter in a showbiz action to index.php, a different vector than CVE-2008-0607. NOTE: CVE disputes this issue, since neither "showbiz" nor "bid" appears in the source code for SOBI2
CVE-2008-7214	2 Brilaps, Mambo-foundation	2 Mostlyce, Mambo	2025-04-09	N/A
Cross-site request forgery (CSRF) vulnerability in administrator/index2.php in MOStlyCE before 2.4, as used in Mambo 4.6.3 and earlier, allows remote attackers to hijack the authentication of administrators for requests that add new administrator accounts via the save task in a com_users action, as demonstrated using a separate XSS vulnerability in mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php.
CVE-2006-1957	2 Joomla, Mambo-foundation	2 Joomla\!, Mambo	2025-04-03	N/A
The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows remote attackers to cause a denial of service (disk consumption and possibly web-server outage) via multiple requests with different values of the feed parameter.
CVE-2013-2565	1 Mambo-foundation	1 Mambo Cms	2024-11-21	N/A
A vulnerability in Mambo CMS v4.6.5 where the scripts thumbs.php, editorFrame.php, editor.php, images.php, manager.php discloses the root path of the webserver.
CVE-2011-2499	1 Mambo-foundation	1 Mambo Cms	2024-11-21	6.1 Medium
Mambo CMS through 4.6.5 has multiple XSS.

« first previous Page 2 of 2.