CyberSec.Space Logo
Back to CVE Browser

CVE-2006-4860

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1860%
EPSS Percentile10.69th
PublishedSep 19, 2006
Last ModifiedApr 16, 2026

Vulnerability Description

Multiple unspecified vulnerabilities in (1) index.php, (2) minixml.inc.php, (3) doc.inc.php, (4) element.inc.php, (5) node.inc.php, (6) treecomp.inc.php, (7) forum.html.php, (8) forum.php, (9) antihack.php, (10) content.php, (11) initglobals.php, and (12) imanager.php in Limbo (aka Lite Mambo) CMS 1.0.4.2 before 20060311 have unknown impact and attack vectors.

Affected Platforms (CPE)

πŸ“¦
Limbo Cms

Limbo Cms

= 1.0.4.1
πŸ“¦
Limbo Cms

Limbo Cms

= 1.0.4.2
πŸ“¦
Limbo Cms

Limbo Cms

= 1.0.4.2l

References & Advisories

πŸ”— http://www.limboportal.com/index.php/option/downloads/task/download/id/110
πŸ”— http://www.limboportal.com/index.php/option/downloads/task/info/id/110/Itemid/46
πŸ”— http://www.osvdb.org/31012
πŸ”— http://www.osvdb.org/31013
πŸ”— http://www.osvdb.org/31014
πŸ”— http://www.osvdb.org/31015
πŸ”— http://www.osvdb.org/31016
πŸ”— http://www.osvdb.org/31017

Related Vulnerabilities

CVE-2006-16627.5

The frontpage option in Limbo CMS 1.0.4.2 and 1.0.4.1 allows remote attackers to execute arbitrary PHP commands via the Itemid par...

CVE-2006-48597.5

Unrestricted file upload vulnerability in contact.html.php in the Contact (com_contact) component in Limbo (aka Lite Mambo) CMS 1....

CVE-2005-43187.5

SQL injection vulnerability in index.php in Limbo CMS 1.0.4.2 and earlier, with register_globals off, allows remote attackers to e...

CVE-2008-07347.5

SQL injection vulnerability in class_auth.php in Limbo CMS 1.0.4.2, and possibly earlier versions, allows remote attackers to exec...