CVE-2008-3712 in Mambo信息

摘要

由 VulDB • 2026-06-14

Mambo 4.6.2 和 4.6.5 中存在多个跨站脚本(XSS)漏洞,当启用 register_globals 时,远程攻击者可通过向 (1) mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php 发送查询字符串以及向 (2) administrator/popups/index3pop.php 的 mosConfig_sitename 参数注入任意 Web 脚本或 HTML。

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

来源

Do you know our Splunk app?

Download it now for free!