Categories

Applications (151)
Blogs (3)
Content Management (101)
Customer Relationship (2)
Discussion Boards (19)
E-Commerce (8)
General Purpose Directories (1)
Image Galleries (15)
Mailing Lists (1)
Tips (3)
Vulnerabilities (249)
Access Bypass (42)
Cross Site Scripting (94)
Denial Of Service (2)
File Inclusion (40)
Information Disclosure (13)
Privilege Escalation (2)
Remote Command Execution (12)
Session Hijacking (1)
SQL Injection (84)
« Coppermine Photo Gallery Multiple Vulnerabilities
Simple Forum Multiple Vulnerabilities »

Mambo Multiple Vulnerabilities

Published by TL Guan February 21st, 2008 in Content Management, Cross Site Scripting and Information Disclosure.

Application: Mambo
Affected Version: 4.6.3 and other versions.
Vendor’s URL: http://www.mambo-foundation.org/
Bug Type: Cross Site Scripting and Information Disclosure
Risk Level: Critical

Solution:
Restrict access to connectors.php by using .htaccess and do not browse untrusted website while logged on to Mambo

Subscribe

Latest

Archives



Valid XHTML 1.0 Transitional