CyberSec.Space Logo
CVEブラウザに戻る

CVE-2006-4860

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1860%
EPSS Percentile10.69th
Published2006年9月19日
Last Modified2026年4月16日

Vulnerability Description

Multiple unspecified vulnerabilities in (1) index.php, (2) minixml.inc.php, (3) doc.inc.php, (4) element.inc.php, (5) node.inc.php, (6) treecomp.inc.php, (7) forum.html.php, (8) forum.php, (9) antihack.php, (10) content.php, (11) initglobals.php, and (12) imanager.php in Limbo (aka Lite Mambo) CMS 1.0.4.2 before 20060311 have unknown impact and attack vectors.

Affected Platforms (CPE)

📦
Limbo Cms

Limbo Cms

= 1.0.4.1
📦
Limbo Cms

Limbo Cms

= 1.0.4.2
📦
Limbo Cms

Limbo Cms

= 1.0.4.2l

References & Advisories

🔗 http://www.limboportal.com/index.php/option/downloads/task/download/id/110
🔗 http://www.limboportal.com/index.php/option/downloads/task/info/id/110/Itemid/46
🔗 http://www.osvdb.org/31012
🔗 http://www.osvdb.org/31013
🔗 http://www.osvdb.org/31014
🔗 http://www.osvdb.org/31015
🔗 http://www.osvdb.org/31016
🔗 http://www.osvdb.org/31017

関連する脆弱性情報

CVE-2006-16627.5

The frontpage option in Limbo CMS 1.0.4.2 and 1.0.4.1 allows remote attackers to execute arbitrary PHP commands via the Itemid par...

CVE-2006-48597.5

Unrestricted file upload vulnerability in contact.html.php in the Contact (com_contact) component in Limbo (aka Lite Mambo) CMS 1....

CVE-2005-43187.5

SQL injection vulnerability in index.php in Limbo CMS 1.0.4.2 and earlier, with register_globals off, allows remote attackers to e...

CVE-2008-07347.5

SQL injection vulnerability in class_auth.php in Limbo CMS 1.0.4.2, and possibly earlier versions, allows remote attackers to exec...