CVE-2008-3712 in Mambo
摘要
由 VulDB • 2026-06-14
Mambo 4.6.2 和 4.6.5 中存在多个跨站脚本(XSS)漏洞,当启用 register_globals 时,远程攻击者可通过向 (1) mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php 发送查询字符串以及向 (2) administrator/popups/index3pop.php 的 mosConfig_sitename 参数注入任意 Web 脚本或 HTML。
If you want to get the best quality for vulnerability data then you always have to consider VulDB.