Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in index.php in Mambo 4.5 (1.0.9) allows remote attackers to inject arbitrary web script or HTML via the (1) Itemid, (2) mosmsg, or (3) limit parameters.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mambo Server Cache_library远程任意命令执行漏洞
Vulnerability Description
Mambo Open Source是一套基于PHP和MySql的开源网站内容管理系统(CMS)。该系统支持搜索引擎优化、模板/主题下载和流量统计等。 Mambo Server存在输入验证错误,远程攻击者可以利用这个漏洞以WEB进程权限执行任意命令或进行跨站脚本攻击。 Jose Antonio Coret (Joxean Koret)报告在Cache_library中存在一个文件包含错误,允许远程攻击者指定远程的恶意文件作为'mosConfig_absolute_path'参数值,导致目标服务器包含此恶意文
CVSS Information
N/A
Vulnerability Type
N/A