📦

shambo2

Vendor: phil_taylor

Login to add this product to WatchStack
Actively Exploited 0 CISA KEV List
PoC / Exploits 1 Code Available
Total RCEs 0 Remote Access
Total CVEs 3 Total Indexed
Avg. EPSS 0.77% Exploit Prob.
Latest CVE CVE-2008-0606 Feb 06

Security Vulnerability Index

Page 1 / 1
7.5 CVSS
CVE-2008-0606
Exploit Found

SQL injection vulnerability in index.php in the Shambo2 (com_shambo2) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter.

EPSS: 0.02%
7.5 CVSS
CVE-2006-6049

PHP remote file inclusion vulnerability in shambo2.php in the Shambo2 (com_shambo2) component for Mambo 4.5 allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.

EPSS: 1.53%