📦

com_zoom

Vendor: mamboxchange

Actively Exploited 0 CISA KEV List

PoC / Exploits 2 Code Available

Total RCEs 0 Remote Access

Total CVEs 1 Total Indexed

Avg. EPSS 2.67% Exploit Prob.

Latest CVE CVE-2009-4474 Dec 30

Security Vulnerability Index

Page 1 / 1

7.5 CVSS

CVE-2009-4474

Exploit Found

SQL injection vulnerability in the Mike de Boer zoom (com_zoom) component 2.0 for Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.

EPSS: 0.25%

Severity: HIGH

Dec 30, 2009

7.5 CVSS

CVE-2007-1992

Exploit Found

Multiple PHP remote file inclusion vulnerabilities in the com_zoom 2.5 beta 2 and earlier module for Mambo allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) EXIF_Makernote.php or (2) EXIF.php in classes/iptc/.

EPSS: 5.10%

Severity: HIGH

Apr 12, 2007

Displaying 2 of 1 Total Entries

Total 1 Sections