Skip to main content

Mambo Cms

3 CVEs product

Monthly

CVE-2013-2564 MEDIUM POC This Month

Mambo CMS 4.6.5 allows remote attackers to cause a denial of service (memory and bandwidth consumption) by uploading a crafted file. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Mambo Cms
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2013-2563 LOW POC Monitor

Mambo CMS 4.6.5 uses world-readable permissions on configuration.php, which allows local users to obtain the admin password hash by reading the file. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

PHP Privilege Escalation Mambo Cms
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2013-2562 LOW POC Monitor

Mambo CMS 4.6.5 stores the MySQL database password in cleartext in the document root, which allows local users to obtain sensitive information via unspecified vectors. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Mambo Cms
NVD
CVSS 2.0
2.1
EPSS
0.1%
EPSS 1% CVSS 5.0
MEDIUM POC This Month

Mambo CMS 4.6.5 allows remote attackers to cause a denial of service (memory and bandwidth consumption) by uploading a crafted file. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Mambo Cms
NVD
EPSS 0% CVSS 2.1
LOW POC Monitor

Mambo CMS 4.6.5 uses world-readable permissions on configuration.php, which allows local users to obtain the admin password hash by reading the file. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

PHP Privilege Escalation Mambo Cms
NVD
EPSS 0% CVSS 2.1
LOW POC Monitor

Mambo CMS 4.6.5 stores the MySQL database password in cleartext in the document root, which allows local users to obtain sensitive information via unspecified vectors. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Mambo Cms
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy