- EPSS 1.66%
- Veröffentlicht 11.09.2009 16:30:00
- Zuletzt bearbeitet 16.06.2026 23:03:50
MOStlyCE before 2.4, as used in Mambo 4.6.3 and earlier, allows remote attackers to obtain sensitive information via certain requests to mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php, which reveals the installati...
CVE-2008-7213
- EPSS 2.15%
- Veröffentlicht 11.09.2009 16:30:00
- Zuletzt bearbeitet 16.06.2026 23:03:50
Cross-site scripting (XSS) vulnerability in mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php in MOStlyCE before 2.4, as used in Mambo 4.6.3 and earlier, allows remote attackers to inject arbitrary web script or HTML...
CVE-2008-7214
- EPSS 0.75%
- Veröffentlicht 11.09.2009 16:30:00
- Zuletzt bearbeitet 16.06.2026 23:03:50
Cross-site request forgery (CSRF) vulnerability in administrator/index2.php in MOStlyCE before 2.4, as used in Mambo 4.6.3 and earlier, allows remote attackers to hijack the authentication of administrators for requests that add new administrator acc...
CVE-2008-7215
- EPSS 1.81%
- Veröffentlicht 11.09.2009 16:30:00
- Zuletzt bearbeitet 16.06.2026 23:03:50
The Image Manager in MOStlyCE before 2.4, as used in Mambo 4.6.3 and earlier, allows remote attackers to rename arbitrary files and cause a denial of service via modified file[NewFile][name], file[NewFile][tmp_name], and file[NewFile][size] parameter...