The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows remote attackers to cause a denial of service (disk consumption and possibly web-server outage) via multiple requests with different values of the feed parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mambo-foundation | mambo | - |
| joomla | joomla! | * |
SQL injection vulnerability in administrator/index2.php in Mambo CMS 4.6.5 and earlier allows remote attackers to execute arbitrary SQL commands via the zorder parameter.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mambo-foundation | mambo | 4.6.2 |
| mambo-foundation | mambo | 4.6.4 |
| mambo-foundation | mambo | 4.6.3 |
| mambo-foundation | mambo | 4.6.1 |
| mambo-foundation | mambo | 4.6 |
| mambo-foundation | mambo | * |
Mambo 4.6.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/sef.php and certain other files.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mambo-foundation | mambo | 4.6.5 |
Mambo CMS 4.6.5 stores the MySQL database password in cleartext in the document root, which allows local users to obtain sensitive information via unspecified vectors.
CVSS 2.0
Severity: LOW
Problem Type: CWE-255
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mambo-foundation | mambo_cms | 4.6.5 |
Mambo CMS 4.6.5 uses world-readable permissions on configuration.php, which allows local users to obtain the admin password hash by reading the file.
CVSS 2.0
Severity: LOW
Problem Type: CWE-264
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mambo-foundation | mambo_cms | 4.6.5 |
Mambo CMS 4.6.5 allows remote attackers to cause a denial of service (memory and bandwidth consumption) by uploading a crafted file.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-399
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mambo-foundation | mambo_cms | 4.6.5 |
A vulnerability in Mambo CMS v4.6.5 where the scripts thumbs.php, editorFrame.php, editor.php, images.php, and manager.php disclose the root path of the webserver.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mambo-foundation | mambo_cms | 4.6.5 |