What are the vulnerabilities associated with CVE-2006-7149?

CVE-2006-7149 is related to multiple cross-site scripting (XSS) vulnerabilities in Mambo 4.6.x that allow remote attackers to inject arbitrary web script or HTML.

What versions of Mambo are affected by CVE-2006-7149?

The affected versions are Mambo 4.6-rc1, 4.6-rc2, and 4.6.1.

What is the impact of CVE-2006-7149 on web applications?

Web applications using Mambo 4.6.x are vulnerable to XSS attacks, potentially allowing attackers to execute malicious scripts in users' browsers.

How can I protect my application from CVE-2006-7149?

To protect your application, you should upgrade to a fixed version of Mambo that addresses the XSS vulnerabilities.

What kind of attack can be executed through CVE-2006-7149?

Attackers can execute XSS attacks that may lead to session hijacking, phishing, or other malicious activities affecting users.

Vulnerability/
CVE-2006-7149

medium

4.3

CWE

79 NVD-CWE-Other

7/3/2007

16/10/2018

CVE-2006-7149: XSS

First published: Wed Mar 07 2007(Updated: )

Multiple cross-site scripting (XSS) vulnerabilities in Mambo 4.6.x allow remote attackers to inject arbitrary web script or HTML via (1) the query string to (a) index.php, which reflects the string in an error message from mod_login.php; and the (2) mcname parameter to (b) moscomment.php and (c) com_comment.php.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Mambo (MamboCMS)	=4.6-rc1
Mambo (MamboCMS)	=4.6.1
Mambo (MamboCMS)	=4.6-rc2
Mambo	=4.6-rc1
Mambo	=4.6-rc2
Mambo	=4.6.1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What are the vulnerabilities associated with CVE-2006-7149?
CVE-2006-7149 is related to multiple cross-site scripting (XSS) vulnerabilities in Mambo 4.6.x that allow remote attackers to inject arbitrary web script or HTML.
What versions of Mambo are affected by CVE-2006-7149?
The affected versions are Mambo 4.6-rc1, 4.6-rc2, and 4.6.1.
What is the impact of CVE-2006-7149 on web applications?
Web applications using Mambo 4.6.x are vulnerable to XSS attacks, potentially allowing attackers to execute malicious scripts in users' browsers.
How can I protect my application from CVE-2006-7149?
To protect your application, you should upgrade to a fixed version of Mambo that addresses the XSS vulnerabilities.
What kind of attack can be executed through CVE-2006-7149?
Attackers can execute XSS attacks that may lead to session hijacking, phishing, or other malicious activities affecting users.

agent/type
agent/first-publish-date
agent/last-modified-date
agent/severity
agent/weakness
agent/references
agent/author
agent/description
agent/event
collector/nvd-historical
agent/software-canonical-lookup-request
agent/tags
agent/softwarecombine
collector/nvd-index
vendor/mambo
canonical/mambo (mambocms)
version/mambo (mambocms)/4.6-rc1
version/mambo (mambocms)/4.6.1
version/mambo (mambocms)/4.6-rc2
canonical/mambo
version/mambo/4.6-rc1
version/mambo/4.6-rc2
version/mambo/4.6.1

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.