Vulnerability Description
SQL injection vulnerability in the MambAds (com_mambads) component 1.0 RC1 Beta and 1.0 RC1 for Mambo allows remote attackers to execute arbitrary SQL commands via the ma_cat parameter in a view action to index.php, a different vector than CVE-2007-5177.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mambads | Mambads | 1.0 |
| Joomla | Joomla | All versions |
| Mambo | Mambo | All versions |
Related Weaknesses (CWE)
References
- http://securityreason.com/securityalert/4630
- http://www.securityfocus.com/bid/29433
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42747
- https://www.exploit-db.com/exploits/5692
- http://securityreason.com/securityalert/4630
- http://www.securityfocus.com/bid/29433
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42747
- https://www.exploit-db.com/exploits/5692
FAQ
What is CVE-2008-5226?
CVE-2008-5226 is a vulnerability with a CVSS score of 7.5 (HIGH). SQL injection vulnerability in the MambAds (com_mambads) component 1.0 RC1 Beta and 1.0 RC1 for Mambo allows remote attackers to execute arbitrary SQL commands via the ma_cat parameter in a view actio...
How severe is CVE-2008-5226?
CVE-2008-5226 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-5226?
Check the references section above for vendor advisories and patch information. Affected products include: Mambads Mambads, Joomla Joomla, Mambo Mambo.