Mambo Open Source Index.PHP SQL Injection Vulnerability

Vulnerability ID: 1107799    Vulnerability type: SQL injection
Published: 2004-03-16    Updated: 2005-10-20
CVE ID: CVE-2004-1826
CNNVD ID: CNNVD-200403-084
Platform: PHP    CVSS score: 7.5
|Vulnerability source
https://www.exploit-db.com/exploits/23834
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200403-084
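|Vulnerability details
index.php in Mambo Open Source 4.5 stable 1.0.3 and earlier contains an SQL injection vulnerability. A remote attacker can execute arbitrary SQL commands via the id parameter.
|Exploit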
source: http://www.securityfocus.com/bid/9891/info

It has been reported that the Mambo 'index.php' script is prone to an SQL injection vulnerability. The issue is due to the application's failure to properly validate user-supplied URI input.

As a result, a malicious user may influence database queries in order to view or modify sensitive information, potentially compromising the software or the database. It may be possible for an attacker to disclose the administrator password hash by exploiting this issue.

http://www.example.com/index.php?option=content&task=view&id=[SQL]&Itemid=[VID]
http://www.example.com/index.php?option=content&task=category&sectionid=[VID]&id=[SQL]&Itemid=[VID]
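
A defensive check for this issue, added here as an example (it is not part of the advisory or of Mambo's code): it scans web-server access log lines for requests to the content component whose id, Itemid or sectionid value is not a plain integer. The log format, the sample lines and the assumption that legitimate values of these parameters are always integers are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Parameters taken from the URLs in the advisory; assumed to be integer-only.
NUMERIC_PARAMS = ("id", "Itemid", "sectionid")
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
INTEGER_RE = re.compile(r"[0-9]{1,10}")

def suspicious_params(url):
    """Return names of content-component parameters whose value is not an integer."""
    parts = urlsplit(url)
    path = parts.path.lower()
    # Assumption: a bare directory request is served by index.php as well.
    if not (path.endswith("/index.php") or path.endswith("/")):
        return []
    query = parse_qs(parts.query, keep_blank_values=True)  # percent-decodes values
    if "content" not in query.get("option", []):
        return []
    return [name for name in NUMERIC_PARAMS
            if any(not INTEGER_RE.fullmatch(v) for v in query.get(name, []))]

def scan(log_lines):
    """Return (line_number, client, flagged_params) for each request to review."""
    hits = []
    for number, line in enumerate(log_lines, 1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        flagged = suspicious_params(match.group(1))
        if flagged:
            hits.append((number, line.split(" ", 1)[0], flagged))
    return hits

# Constructed sample lines (documentation addresses, harmless non-numeric values).
SAMPLE_LOG = [
    '192.0.2.10 - - [16/Mar/2004:10:00:01 +0000] "GET /index.php?option=content&task=view&id=12&Itemid=3 HTTP/1.1" 200 5120',
    '192.0.2.44 - - [16/Mar/2004:10:00:07 +0000] "GET /index.php?option=content&task=view&id=12%27&Itemid=3 HTTP/1.1" 200 310',
    '192.0.2.10 - - [16/Mar/2004:10:00:09 +0000] "GET /index.php?option=search&searchword=test HTTP/1.1" 200 2048',
    '192.0.2.45 - - [16/Mar/2004:10:00:12 +0000] "GET /index.php?option=content&task=category&sectionid=2&id=7%20x&Itemid=3 HTTP/1.1" 200 290',
]

if __name__ == "__main__":
    for number, client, flagged in scan(SAMPLE_LOG):
        print(f"line {number}: {client} sent non-integer {', '.join(flagged)}")
```

Only query strings recorded in the access log are inspected; values sent in a POST body need a log source that captures them.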
|References

Source: OSVDB
Name: 4307
Link: http://www.osvdb.org/4307
Source: SECUNIA
Name: 11140
Link: http://secunia.com/advisories/11140
Source: BUGTRAQ
Name: 20040316 Mambo Open Source Multiple Vulnerabilities
Link: http://marc.theaimsgroup.com/?l=bugtraq&m=107945576020593&w=2
Source: XF
Name: mambo-id-sql-injection(15500)
Link: http://xforce.iss.net/xforce/xfdb/15500
Source: BID
Name: 9891
Link: http://www.securityfocus.com/bid/9891
