| Max CVSS | 5.0 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2013-2562 | 2.1 |
Mambo CMS 4.6.5 stores the MySQL database password in cleartext in the document root, which allows local users to obtain sensitive information via unspecified vectors.
|
24-06-2014 - 15:34 | 09-06-2014 - 19:55 | |
| CVE-2013-2563 | 2.1 |
Mambo CMS 4.6.5 uses world-readable permissions on configuration.php, which allows local users to obtain the admin password hash by reading the file.
|
24-06-2014 - 15:29 | 09-06-2014 - 19:55 | |
| CVE-2013-2564 | 5.0 |
Mambo CMS 4.6.5 allows remote attackers to cause a denial of service (memory and bandwidth consumption) by uploading a crafted file.
|
24-06-2014 - 15:20 | 09-06-2014 - 19:55 |