Mambo-foundation CVEs and Security Vulnerabilities - OpenCVE

Filtered by vendor Mambo-foundation Subscriptions

Search

Switch to Advanced Search (Beta)

Total 26 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2008-4617	3 Joomla, Mambo-foundation, Pyxicom	3 Joomla, Mambo, Actualite	2025-04-09	N/A
SQL injection vulnerability in the actualite module 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-7213	2 Brilaps, Mambo-foundation	2 Mostlyce, Mambo	2025-04-09	N/A
Cross-site scripting (XSS) vulnerability in mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php in MOStlyCE before 2.4, as used in Mambo 4.6.3 and earlier, allows remote attackers to inject arbitrary web script or HTML via the Command parameter.
CVE-2008-7214	2 Brilaps, Mambo-foundation	2 Mostlyce, Mambo	2025-04-09	N/A
Cross-site request forgery (CSRF) vulnerability in administrator/index2.php in MOStlyCE before 2.4, as used in Mambo 4.6.3 and earlier, allows remote attackers to hijack the authentication of administrators for requests that add new administrator accounts via the save task in a com_users action, as demonstrated using a separate XSS vulnerability in mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php.
CVE-2009-4578	3 Facileforms, Joomla, Mambo-foundation	3 Facileforms, Joomla\!, Mambo	2025-04-09	N/A
Cross-site scripting (XSS) vulnerability in the Facileforms (com_facileforms) component for Joomla! and Mambo allows remote attackers to inject arbitrary web script or HTML via the Itemid parameter to index.php.
CVE-2013-2565	1 Mambo-foundation	1 Mambo Cms	2024-11-21	N/A
A vulnerability in Mambo CMS v4.6.5 where the scripts thumbs.php, editorFrame.php, editor.php, images.php, manager.php discloses the root path of the webserver.
CVE-2011-2499	1 Mambo-foundation	1 Mambo Cms	2024-11-21	6.1 Medium
Mambo CMS through 4.6.5 has multiple XSS.

« first previous Page 2 of 2.