CVE Vulnerabilities

CVE-2005-2002

Published: Jun 15, 2005 | Modified: Oct 18, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

SQL injection vulnerability in content.php in Mambo 4.5.2.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user_rating parameter.

Affected Software

Name Vendor Start Version End Version
Mambo Mambo 4.5.2 4.5.2
Mambo Mambo 4.5.0.2 4.5.0.2
Mambo Mambo 4.5.2.2 4.5.2.2
Mambo Mambo 4.5.1a 4.5.1a
Mambo Mambo 4.5.1.3 4.5.1.3
Mambo Mambo 4.5_1.0.9 4.5_1.0.9

References