Описание
SQL injection vulnerability in Mambo before 4.5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors in cancel edit functions, possibly related to the id parameter.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| mambo | fixed | 4.6.1-1 | package |
Примечания
only the 4.5.x tree was vulnerable
EPSS
Процентиль: 68%
0.00559
Низкий
Связанные уязвимости
nvd
около 19 лет назад
SQL injection vulnerability in Mambo before 4.5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors in cancel edit functions, possibly related to the id parameter.
github
почти 4 года назад
SQL injection vulnerability in Mambo before 4.5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors in cancel edit functions, possibly related to the id parameter.
EPSS
Процентиль: 68%
0.00559
Низкий