CyberSec.Space Logo
Back to CVE Browser

CVE-2006-7092

HIGH
7.5
CVSS Severity Score
EPSS Score0.0460%
EPSS Percentile6.76th
PublishedMar 2, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

SQL injection vulnerability in includes/mambo.php in Mambo LaiThai 4.5.4 SP2 and earlier allows remote attackers to execute arbitrary SQL commands via the usercookie[password] cookie parameter.

Affected Platforms (CPE)

πŸ“¦
Mamboxchange

Laithai

<= 4.5.4

References & Advisories

πŸ”— http://mamboxchange.com/forum/forum.php?forum_id=7767
πŸ”— http://secunia.com/advisories/22263
πŸ”— http://www.securityfocus.com/bid/20413
πŸ”— http://www.vupen.com/english/advisories/2006/3953
πŸ”— http://mamboxchange.com/forum/forum.php?forum_id=7767
πŸ”— http://secunia.com/advisories/22263
πŸ”— http://www.securityfocus.com/bid/20413
πŸ”— http://www.vupen.com/english/advisories/2006/3953

Related Vulnerabilities

CVE-2008-050010.0

Multiple unspecified vulnerabilities in Mambo LaiThai 4.5.5 have unknown impact and attack vectors related to (1) mod_login and (2...

CVE-2008-04997.5

SQL injection vulnerability in Mambo LaiThai 4.5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vecto...

CVE-2006-70935.8

Cross-site scripting (XSS) vulnerability in Mambo LaiThai 4.5.4 Security Patch 2 and earlier allows remote attackers to inject arb...

CVE-2006-607610.0

Buffer overflow in the Tape Engine (tapeeng.exe) in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier ...