Mambo : Security Vulnerabilities, CVEs, Published In 2008 (Sql injection) CVSS score >= 6
SQL injection vulnerability in the MambAds (com_mambads) component 1.0 RC1 Beta and 1.0 RC1 for Mambo allows remote attackers to execute arbitrary SQL commands via the ma_cat parameter in a view action to index.php, a different vector than CVE-2007-5177.
Max CVSS
7.5
EPSS Score
0.11%
Published
2008-11-25
Updated
2017-09-29
SQL injection vulnerability in index.php in the FlippingBook (com_flippingbook) 1.0.4 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter.
Max CVSS
7.5
EPSS Score
0.06%
Published
2008-05-06
Updated
2017-09-29
SQL injection vulnerability in the Profiler (com_comprofiler) component in Community Builder for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the user parameter in a userProfile action to index.php.
Max CVSS
7.5
EPSS Score
0.06%
Published
2008-05-06
Updated
2017-09-29
SQL injection vulnerability in the Datsogallery (com_datsogallery) 1.3.1 module for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Max CVSS
7.5
EPSS Score
0.07%
Published
2008-03-28
Updated
2017-08-08
SQL injection vulnerability in index.php in the eWriting (com_ewriting) 1.2.1 module for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a selectcat action.
Max CVSS
7.5
EPSS Score
0.06%
Published
2008-03-12
Updated
2017-09-29
SQL injection vulnerability in the Garys Cookbook (com_garyscookbook) 1.1.1 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php.
Max CVSS
7.5
EPSS Score
0.14%
Published
2008-03-04
Updated
2018-10-11
SQL injection vulnerability in the Facile Forms (com_facileforms) component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.
Max CVSS
7.5
EPSS Score
0.10%
Published
2008-02-21
Updated
2018-10-15
SQL injection vulnerability in the com_salesrep component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the rid parameter in a showrep action to index.php.
Max CVSS
7.5
EPSS Score
0.11%
Published
2008-02-21
Updated
2018-10-15
SQL injection vulnerability in the com_detail component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: this issue might be site-specific. If so, it should not be included in CVE.
Max CVSS
7.5
EPSS Score
0.06%
Published
2008-02-21
Updated
2018-10-15
SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a selectcat function, a different vector than CVE-2008-0652.
Max CVSS
7.5
EPSS Score
0.10%
Published
2008-02-21
Updated
2018-10-15
SQL injection vulnerability in index.php in the com_profile component for Joomla! allows remote attackers to execute arbitrary SQL commands via the oid parameter.
Max CVSS
7.5
EPSS Score
0.10%
Published
2008-02-20
Updated
2008-09-05
SQL injection vulnerability in index.php in the Giorgio Nordo Ricette (com_ricette) 1.0 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter.
Max CVSS
7.5
EPSS Score
0.07%
Published
2008-02-20
Updated
2017-09-29
SQL injection vulnerability in index.php in the Kemas Antonius com_quran 1.1 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the surano parameter in a viewayat action.
Max CVSS
7.5
EPSS Score
0.21%
Published
2008-02-20
Updated
2017-09-29
SQL injection vulnerability in jooget.php in the Joomlapixel Jooget! (com_jooget) 2.6.8 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail task.
Max CVSS
7.5
EPSS Score
0.09%
Published
2008-02-19
Updated
2017-09-29
SQL injection vulnerability in the com_filebase component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in a selectfolder action.
Max CVSS
7.5
EPSS Score
0.09%
Published
2008-02-19
Updated
2018-10-15
SQL injection vulnerability in the com_scheduling module for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter.
Max CVSS
7.5
EPSS Score
0.06%
Published
2008-02-19
Updated
2018-10-15
SQL injection vulnerability in index.php in the Quiz (com_quiz) 0.81 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the tid parameter in a user_tst_shw action.
Max CVSS
7.5
EPSS Score
0.10%
Published
2008-02-15
Updated
2017-09-29
SQL injection vulnerability in index.php in the MGFi XfaQ (com_xfaq) 1.2 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an answer action.
Max CVSS
7.5
EPSS Score
0.06%
Published
2008-02-15
Updated
2017-09-29
SQL injection vulnerability in Phil Taylor Comments (com_comments, aka Review Script) 0.5.8.5g and earlier component for Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter.
Max CVSS
7.5
EPSS Score
0.11%
Published
2008-02-14
Updated
2017-09-29
SQL injection vulnerability in index.php in the com_doc component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the sid parameter in a view task.
Max CVSS
7.5
EPSS Score
0.07%
Published
2008-02-14
Updated
2017-09-29
SQL injection vulnerability in index.php in the Neogallery (com_neogallery) 1.1 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a show action.
Max CVSS
7.5
EPSS Score
0.10%
Published
2008-02-13
Updated
2017-09-29
SQL injection vulnerability in index.php in the Gallery (com_gallery) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action.
Max CVSS
7.5
EPSS Score
0.06%
Published
2008-02-13
Updated
2017-09-29
SQL injection vulnerability in index.php in the Sermon (com_sermon) 0.2 component for Mambo allows remote attackers to execute arbitrary SQL commands via the gid parameter.
Max CVSS
7.5
EPSS Score
0.11%
Published
2008-02-12
Updated
2017-09-29
SQL injection vulnerability in index.php in the NeoReferences (com_neoreferences) 1.3.1 and 1.3.3 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter.
Max CVSS
7.5
EPSS Score
0.06%
Published
2008-02-12
Updated
2017-09-29
SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in a selectfolder action.
Max CVSS
7.5
EPSS Score
0.11%
Published
2008-02-07
Updated
2017-09-29