cpe:/a:mambo:mambo:4.5.4 CVE-2007-0789 2007-02-06T14:28:00.000-05:00 2011-08-05T00:00:00.000-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2007-02-06T17:36:00.000-05:00 SECUNIA 24044 OSVDB 33088 VUPEN ADV-2007-0480 SQL injection vulnerability in Mambo before 4.5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors in cancel edit functions, possibly related to the id parameter.