Описание
SQL injection vulnerability in administrator/index2.php in Mambo CMS 4.6.5 and earlier allows remote attackers to execute arbitrary SQL commands via the zorder parameter.
Ссылки
- Exploit
- Exploit
- Exploit
- Exploit
- Exploit
- Exploit
- Exploit
- Exploit
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1Версия до 4.6.5 (включая)
Одно из
cpe:2.3:a:mambo-foundation:mambo:*:*:*:*:*:*:*:*
cpe:2.3:a:mambo-foundation:mambo:4.6:*:*:*:*:*:*:*
cpe:2.3:a:mambo-foundation:mambo:4.6:rc1:*:*:*:*:*:*
cpe:2.3:a:mambo-foundation:mambo:4.6:rc2:*:*:*:*:*:*
cpe:2.3:a:mambo-foundation:mambo:4.6.1:*:*:*:*:*:*:*
cpe:2.3:a:mambo-foundation:mambo:4.6.2:*:*:*:*:*:*:*
cpe:2.3:a:mambo-foundation:mambo:4.6.2:pre1:*:*:*:*:*:*
cpe:2.3:a:mambo-foundation:mambo:4.6.2:pre2:*:*:*:*:*:*
cpe:2.3:a:mambo-foundation:mambo:4.6.3:*:*:*:*:*:*:*
cpe:2.3:a:mambo-foundation:mambo:4.6.4:*:*:*:*:*:*:*
EPSS
Процентиль: 79%
0.01275
Низкий
7.5 High
CVSS2
Дефекты
CWE-89
Связанные уязвимости
github
больше 3 лет назад
SQL injection vulnerability in administrator/index2.php in Mambo CMS 4.6.5 and earlier allows remote attackers to execute arbitrary SQL commands via the zorder parameter.
EPSS
Процентиль: 79%
0.01275
Низкий
7.5 High
CVSS2
Дефекты
CWE-89