Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (26 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2008-6234 2 Joomla, Mambo-foundation 4 Com Musica, Joomla, Com Musica and 1 more 2025-04-09 N/A
SQL injection vulnerability in the com_musica module in Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
CVE-2009-0380 3 Joomla, Mambo-foundation, Sigsiu.net 3 Joomla, Mambo, Sobi2 2025-04-09 N/A
SQL injection vulnerability in the Sigsiu Online Business Index 2 (SOBI2, com_sobi2) RC 2.8.2 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the bid parameter in a showbiz action to index.php, a different vector than CVE-2008-0607. NOTE: CVE disputes this issue, since neither "showbiz" nor "bid" appears in the source code for SOBI2
CVE-2008-7214 2 Brilaps, Mambo-foundation 2 Mostlyce, Mambo 2025-04-09 N/A
Cross-site request forgery (CSRF) vulnerability in administrator/index2.php in MOStlyCE before 2.4, as used in Mambo 4.6.3 and earlier, allows remote attackers to hijack the authentication of administrators for requests that add new administrator accounts via the save task in a com_users action, as demonstrated using a separate XSS vulnerability in mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php.
CVE-2006-1957 2 Joomla, Mambo-foundation 2 Joomla\!, Mambo 2025-04-03 N/A
The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows remote attackers to cause a denial of service (disk consumption and possibly web-server outage) via multiple requests with different values of the feed parameter.
CVE-2013-2565 1 Mambo-foundation 1 Mambo Cms 2024-11-21 N/A
A vulnerability in Mambo CMS v4.6.5 where the scripts thumbs.php, editorFrame.php, editor.php, images.php, manager.php discloses the root path of the webserver.
CVE-2011-2499 1 Mambo-foundation 1 Mambo Cms 2024-11-21 6.1 Medium
Mambo CMS through 4.6.5 has multiple XSS.