Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2004-2143

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-30 Jun, 2005 | 04:00
Updated At-08 Aug, 2024 | 01:15
Rejected At-
Credits

SQL injection vulnerability in the ReMOSitory Server add-on module to Mambo Portal 4.5.1 (1.09) and earlier allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in the com_remository option.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:30 Jun, 2005 | 04:00
Updated At:08 Aug, 2024 | 01:15
Rejected At:
▼CVE Numbering Authority (CNA)

SQL injection vulnerability in the ReMOSitory Server add-on module to Mambo Portal 4.5.1 (1.09) and earlier allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in the com_remository option.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.osvdb.org/10040
vdb-entry
x_refsource_OSVDB
http://www.securityfocus.com/bid/11219
vdb-entry
x_refsource_BID
http://secunia.com/advisories/12597/
third-party-advisory
x_refsource_SECUNIA
http://www.mamboportal.com/content/view/1615/
x_refsource_CONFIRM
http://securitytracker.com/id?1011356
vdb-entry
x_refsource_SECTRACK
https://exchange.xforce.ibmcloud.com/vulnerabilities/17441
vdb-entry
x_refsource_XF
http://archives.neohapsis.com/archives/bugtraq/2004-09/0215.html
mailing-list
x_refsource_BUGTRAQ
http://archives.neohapsis.com/archives/bugtraq/2004-09/0249.html
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www.osvdb.org/10040
Resource:
vdb-entry
x_refsource_OSVDB
Hyperlink: http://www.securityfocus.com/bid/11219
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://secunia.com/advisories/12597/
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.mamboportal.com/content/view/1615/
Resource:
x_refsource_CONFIRM
Hyperlink: http://securitytracker.com/id?1011356
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/17441
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2004-09/0215.html
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2004-09/0249.html
Resource:
mailing-list
x_refsource_BUGTRAQ
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.osvdb.org/10040
vdb-entry
x_refsource_OSVDB
x_transferred
http://www.securityfocus.com/bid/11219
vdb-entry
x_refsource_BID
x_transferred
http://secunia.com/advisories/12597/
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.mamboportal.com/content/view/1615/
x_refsource_CONFIRM
x_transferred
http://securitytracker.com/id?1011356
vdb-entry
x_refsource_SECTRACK
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/17441
vdb-entry
x_refsource_XF
x_transferred
http://archives.neohapsis.com/archives/bugtraq/2004-09/0215.html
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://archives.neohapsis.com/archives/bugtraq/2004-09/0249.html
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www.osvdb.org/10040
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: http://www.securityfocus.com/bid/11219
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://secunia.com/advisories/12597/
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.mamboportal.com/content/view/1615/
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://securitytracker.com/id?1011356
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/17441
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2004-09/0215.html
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2004-09/0249.html
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:31 Dec, 2004 | 05:00
Updated At:03 Apr, 2025 | 01:03

SQL injection vulnerability in the ReMOSitory Server add-on module to Mambo Portal 4.5.1 (1.09) and earlier allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in the com_remository option.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 2.0
Base score: 7.5
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
MamboServer
mambo
>>mambo_portal>>Versions up to 4.5.1_1.0.9(inclusive)
cpe:2.3:a:mambo:mambo_portal:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://archives.neohapsis.com/archives/bugtraq/2004-09/0215.htmlcve@mitre.org
N/A
http://archives.neohapsis.com/archives/bugtraq/2004-09/0249.htmlcve@mitre.org
N/A
http://secunia.com/advisories/12597/cve@mitre.org
Exploit
Patch
Vendor Advisory
http://securitytracker.com/id?1011356cve@mitre.org
Exploit
Patch
http://www.mamboportal.com/content/view/1615/cve@mitre.org
Patch
Vendor Advisory
http://www.osvdb.org/10040cve@mitre.org
N/A
http://www.securityfocus.com/bid/11219cve@mitre.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/17441cve@mitre.org
N/A
http://archives.neohapsis.com/archives/bugtraq/2004-09/0215.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://archives.neohapsis.com/archives/bugtraq/2004-09/0249.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/12597/af854a3a-2127-422b-91ae-364da2661108
Exploit
Patch
Vendor Advisory
http://securitytracker.com/id?1011356af854a3a-2127-422b-91ae-364da2661108
Exploit
Patch
http://www.mamboportal.com/content/view/1615/af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://www.osvdb.org/10040af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/11219af854a3a-2127-422b-91ae-364da2661108
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/17441af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2004-09/0215.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2004-09/0249.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/12597/
Source: cve@mitre.org
Resource:
Exploit
Patch
Vendor Advisory
Hyperlink: http://securitytracker.com/id?1011356
Source: cve@mitre.org
Resource:
Exploit
Patch
Hyperlink: http://www.mamboportal.com/content/view/1615/
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.osvdb.org/10040
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/11219
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/17441
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2004-09/0215.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2004-09/0249.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/12597/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Patch
Vendor Advisory
Hyperlink: http://securitytracker.com/id?1011356
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Patch
Hyperlink: http://www.mamboportal.com/content/view/1615/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.osvdb.org/10040
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/11219
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/17441
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

75Records found
CVE-2008-2095
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.02% / 3.28%
||
7 Day CHG~0.00%
Published-06 May, 2008 | 16:00
Updated-07 Aug, 2024 | 08:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerability in index.php in the FlippingBook (com_flippingbook) 1.0.4 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter.

Action-Not Available
Vendor-page-flip-toolsn/aJoomla!MamboServer
Product-com_flippingbookflipping_bookn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2008-2093
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.01% / 0.69%
||
7 Day CHG~0.00%
Published-06 May, 2008 | 16:00
Updated-07 Aug, 2024 | 08:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerability in the Profiler (com_comprofiler) component in Community Builder for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the user parameter in a userProfile action to index.php.

Action-Not Available
Vendor-joomlapolisn/aJoomla!MamboServer
Product-com_comprofilercommunity_buildern/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2008-1540
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.01% / 0.24%
||
7 Day CHG~0.00%
Published-28 Mar, 2008 | 18:00
Updated-07 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerability in the Datsogallery (com_datsogallery) 1.3.1 module for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Action-Not Available
Vendor-n/aJoomla!MamboServer
Product-datsogalleryn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2008-0849
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.01% / 1.50%
||
7 Day CHG~0.00%
Published-21 Feb, 2008 | 00:00
Updated-07 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a selectcat function, a different vector than CVE-2008-0652.

Action-Not Available
Vendor-n/aJoomla!MamboServer
Product-com_downloadsn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2008-0721
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.25% / 48.27%
||
7 Day CHG~0.00%
Published-12 Feb, 2008 | 01:00
Updated-07 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerability in index.php in the Sermon (com_sermon) 0.2 component for Mambo allows remote attackers to execute arbitrary SQL commands via the gid parameter.

Action-Not Available
Vendor-n/aMamboServer
Product-com_sermonn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2008-0606
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.01% / 0.58%
||
7 Day CHG~0.00%
Published-06 Feb, 2008 | 11:00
Updated-07 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerability in index.php in the Shambo2 (com_shambo2) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter.

Action-Not Available
Vendor-phil_taylorn/aJoomla!MamboServer
Product-com_shambo2shambo2n/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2008-0752
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.01% / 0.58%
||
7 Day CHG~0.00%
Published-13 Feb, 2008 | 19:00
Updated-07 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerability in index.php in the Neogallery (com_neogallery) 1.1 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a show action.

Action-Not Available
Vendor-n/aJoomla!MamboServer
Product-com_neogalleryn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2008-0855
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.01% / 1.26%
||
7 Day CHG~0.00%
Published-21 Feb, 2008 | 00:00
Updated-07 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerability in the Facile Forms (com_facileforms) component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.

Action-Not Available
Vendor-n/aJoomla!MamboServer
Product-com_facileformsn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2008-0518
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.01% / 0.79%
||
7 Day CHG~0.00%
Published-31 Jan, 2008 | 19:30
Updated-07 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerability in index.php in the Recipes (com_recipes) 1.00 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action.

Action-Not Available
Vendor-n/aJoomla!MamboServer
Product-com_recipesn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2008-0854
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.01% / 1.69%
||
7 Day CHG~0.00%
Published-21 Feb, 2008 | 00:00
Updated-07 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerability in the com_salesrep component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the rid parameter in a showrep action to index.php.

Action-Not Available
Vendor-n/aJoomla!MamboServer
Product-com_salesrepn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2008-0846
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.01% / 0.24%
||
7 Day CHG~0.00%
Published-20 Feb, 2008 | 21:00
Updated-16 Sep, 2024 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerability in index.php in the com_profile component for Joomla! allows remote attackers to execute arbitrary SQL commands via the oid parameter.

Action-Not Available
Vendor-n/aJoomla!MamboServer
Product-com_profilen/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2008-0746
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.01% / 0.79%
||
7 Day CHG-0.00%
Published-13 Feb, 2008 | 19:00
Updated-07 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerability in index.php in the Gallery (com_gallery) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action.

Action-Not Available
Vendor-n/aJoomla!MamboServer
Product-com_galleryn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2008-0517
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.01% / 0.79%
||
7 Day CHG~0.00%
Published-31 Jan, 2008 | 19:30
Updated-07 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerability in index.php in the Darko Selesi EstateAgent (com_estateagent) 0.1 component for Mambo 4.5.x and Joomla! allows remote attackers to execute arbitrary SQL commands via the objid parameter in a contact showObject action.

Action-Not Available
Vendor-darko_selesin/aJoomla!MamboServer
Product-joomlamamboestateagentn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2008-0853
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.01% / 0.38%
||
7 Day CHG~0.00%
Published-21 Feb, 2008 | 00:00
Updated-07 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerability in the com_detail component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: this issue might be site-specific. If so, it should not be included in CVE.

Action-Not Available
Vendor-n/aJoomla!MamboServer
Product-com_detailn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2008-0829
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.01% / 1.29%
||
7 Day CHG~0.00%
Published-19 Feb, 2008 | 21:00
Updated-07 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerability in jooget.php in the Joomlapixel Jooget! (com_jooget) 2.6.8 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail task.

Action-Not Available
Vendor-joomlapixeln/aJoomla!MamboServer
Product-joogetjoomlamambon/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2008-0810
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.01% / 0.30%
||
7 Day CHG~0.00%
Published-19 Feb, 2008 | 01:00
Updated-07 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerability in the com_scheduling module for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter.

Action-Not Available
Vendor-n/aJoomla!MamboServer
Product-com_scheduling_componentn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2008-0510
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.01% / 0.79%
||
7 Day CHG~0.00%
Published-31 Jan, 2008 | 19:30
Updated-07 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerability in index.php in the Newsletter (com_newsletter) component for Mambo 4.5 and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter.

Action-Not Available
Vendor-n/aJoomla!MamboServer
Product-com_newslettermambon/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2008-0515
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.01% / 0.58%
||
7 Day CHG~0.00%
Published-31 Jan, 2008 | 19:30
Updated-07 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerability in index.php in the musepoes (com_musepoes) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an answer action.

Action-Not Available
Vendor-n/aJoomla!MamboServer
Product-musepoes_componentn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2008-0511
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.01% / 0.79%
||
7 Day CHG~0.00%
Published-31 Jan, 2008 | 19:30
Updated-07 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerability in index.php in the MaMML (com_mamml) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter.

Action-Not Available
Vendor-n/aJoomla!MamboServer
Product-com_mammln/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2007-5177
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.33% / 54.87%
||
7 Day CHG~0.00%
Published-03 Oct, 2007 | 14:00
Updated-07 Aug, 2024 | 15:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerability in index.php in the MambAds (com_mambads) 1.5 and earlier component for Mambo allows remote attackers to execute arbitrary SQL commands via the caid parameter.

Action-Not Available
Vendor-mambadsn/aMamboServer
Product-mambadsmambon/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2007-4456
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.68% / 70.63%
||
7 Day CHG~0.00%
Published-21 Aug, 2007 | 21:00
Updated-07 Aug, 2024 | 14:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerability in index.php in the SimpleFAQ (com_simplefaq) 2.11 component for Mambo allows remote attackers to execute arbitrary SQL commands via the aid parameter. NOTE: it was later reported that 2.40 is also affected, and that the component can be used in Joomla! in addition to Mambo.

Action-Not Available
Vendor-parkview_consultantsn/aMamboServer
Product-simplefaqmambon/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2007-4505
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.26% / 48.98%
||
7 Day CHG~0.00%
Published-23 Aug, 2007 | 19:00
Updated-07 Aug, 2024 | 15:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerability in index.php in the RemoSitory component (com_remository) for Mambo allows remote attackers to execute arbitrary SQL commands via the cat parameter in a selectcat action.

Action-Not Available
Vendor-n/aMamboServer
Product-mamboremositoryn/a
CVE-2008-0652
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.01% / 0.36%
||
7 Day CHG~0.00%
Published-07 Feb, 2008 | 20:00
Updated-07 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in a selectfolder action.

Action-Not Available
Vendor-n/aJoomla!MamboServer
Product-com_downloadsn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2008-0841
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.01% / 0.40%
||
7 Day CHG~0.00%
Published-20 Feb, 2008 | 21:00
Updated-07 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerability in index.php in the Giorgio Nordo Ricette (com_ricette) 1.0 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter.

Action-Not Available
Vendor-n/aJoomla!MamboServer
Product-com_ricette_componentn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2008-0772
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.01% / 1.74%
||
7 Day CHG-0.00%
Published-13 Feb, 2008 | 23:00
Updated-07 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerability in index.php in the com_doc component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the sid parameter in a view task.

Action-Not Available
Vendor-n/aJoomla!MamboServer
Product-com_docn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
  • Previous
  • 1
  • 2
  • Next
Details not found