CyberSec.Space Logo
CVEブラウザに戻る

CVE-2006-7092

HIGH
7.5
CVSS Severity Score
EPSS Score0.0460%
EPSS Percentile6.76th
Published2007年3月2日
Last Modified2026年4月23日

Vulnerability Description

SQL injection vulnerability in includes/mambo.php in Mambo LaiThai 4.5.4 SP2 and earlier allows remote attackers to execute arbitrary SQL commands via the usercookie[password] cookie parameter.

Affected Platforms (CPE)

📦
Mamboxchange

Laithai

<= 4.5.4

References & Advisories

🔗 http://mamboxchange.com/forum/forum.php?forum_id=7767
🔗 http://secunia.com/advisories/22263
🔗 http://www.securityfocus.com/bid/20413
🔗 http://www.vupen.com/english/advisories/2006/3953
🔗 http://mamboxchange.com/forum/forum.php?forum_id=7767
🔗 http://secunia.com/advisories/22263
🔗 http://www.securityfocus.com/bid/20413
🔗 http://www.vupen.com/english/advisories/2006/3953

関連する脆弱性情報

CVE-2008-050010.0

Multiple unspecified vulnerabilities in Mambo LaiThai 4.5.5 have unknown impact and attack vectors related to (1) mod_login and (2...

CVE-2008-04997.5

SQL injection vulnerability in Mambo LaiThai 4.5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vecto...

CVE-2006-70935.8

Cross-site scripting (XSS) vulnerability in Mambo LaiThai 4.5.4 Security Patch 2 and earlier allows remote attackers to inject arb...

CVE-2006-446110.0

Paessler IPCheck Server Monitor before 5.3.3.639/640 does not properly implement a "list of acceptable host IP addresses in the pr...