VYPR

Sitemap

by Mambo (software)

CVEs (2)

  • CVE-2006-3749Jul 21, 2006
    risk 0.03cvss epss 0.04

    PHP remote file inclusion vulnerability in sitemap.xml.php in Sitemap component (com_sitemap) 2.0.0 for Mambo 4.5.1 CMS, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.

  • CVE-2022-4545Jan 23, 2023
    risk 0.00cvss epss 0.00

    The Sitemap WordPress plugin before 4.4 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against…