Unrated severityNVD Advisory· Published Jun 15, 2005· Updated Apr 16, 2026
CVE-2005-2002
CVE-2005-2002
Description
SQL injection vulnerability in content.php in Mambo 4.5.2.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user_rating parameter.
Affected products
6cpe:2.3:a:mambo:mambo:4.5.0.2:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:mambo:mambo:4.5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mambo:mambo:4.5.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:mambo:mambo:4.5.1a:a:*:*:*:*:*:*
- cpe:2.3:a:mambo:mambo:4.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:mambo:mambo:4.5.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:mambo:mambo:4.5_1.0.9:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- secunia.com/advisories/15710nvdPatchVendor Advisory
- mamboforge.net/frs/download.php/6153/CHANGELOGnvdVendor Advisory
- marc.infonvd
- securitytracker.com/idnvd
- www.osvdb.org/17323nvd
- www.securityfocus.com/bid/13966nvd
News mentions
0No linked articles in our index yet.