Mambo : Security Vulnerabilities, CVEs, Published In 2002 CVSS score >= 2

CVE-2002-2290

Mambo Site Server 4.0.11 installs with a default username and password of admin, which allows remote attackers to gain privileges.
Max CVSS
10.0
EPSS Score
0.58%
Published
2002-12-31
Updated
2017-07-29

CVE-2002-2288

Mambo Site Server 4.0.11 allows remote attackers to obtain the physical path of the server via an HTTP request to index.php with a parameter that does not exist, which causes the path to be leaked in an error message.
Max CVSS
5.0
EPSS Score
1.13%
Published
2002-12-31
Updated
2017-07-29

CVE-2002-2247

The administrator/phpinfo.php script in Mambo Site Server 4.0.11 allows remote attackers to obtain sensitive information such as the full web root path via phpinfo.php, which calls the phpinfo function.
Max CVSS
5.0
EPSS Score
0.72%
Published
2002-12-31
Updated
2017-07-29

CVE-2002-1662

Multiple cross-site scripting (XSS) vulnerabilities in Mambo Site Server 4.0.11 allow remote attackers to execute arbitrary script on other clients via (1) search.php and (2) the "Your name" field during account registration.
Max CVSS
6.8
EPSS Score
0.53%
Published
2002-12-31
Updated
2017-07-11
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close