CVE-2008-7213
MOStlyCE <2.4 - XSS
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php in MOStlyCE before 2.4, as used in Mambo 4.6.3 and earlier, allows remote attackers to inject arbitrary web script or HTML via the Command parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by AmnPardaz · textwebappsphp
https://www.exploit-db.com/exploits/31066
References (9)
Scores
EPSS
0.0103
EPSS Percentile
77.1%
Classification
CWE
CWE-79
Status
published
Affected Products (4)
mambo-foundation/mambo
< 4.6.3
mambo-foundation/mambo
brilaps/mostlyce
< 2.0
n/a/n/a
Timeline
Published
Sep 11, 2009
Tracked Since
Feb 18, 2026