📦

com_downloads

Vendor: mambo

Actively Exploited 0 CISA KEV List

PoC / Exploits 1 Code Available

Total RCEs 0 Remote Access

Total CVEs 2 Total Indexed

Avg. EPSS 0.01% Exploit Prob.

Latest CVE CVE-2008-0849 Feb 21

Security Vulnerability Index

Page 1 / 1

7.5 CVSS

CVE-2008-0849

SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a selectcat function, a different vector than CVE-2008-0652.

EPSS: 0.01%

Severity: HIGH

Feb 21, 2008

7.5 CVSS

CVE-2008-0652

Exploit Found

SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in a selectfolder action.

EPSS: 0.01%

Severity: HIGH

Feb 07, 2008

Displaying 2 of 2 Total Entries

Total 1 Sections