PHPDeveloper: PHP News, Views and Community

Subscribe

@phpdeveloper.org

News Archive

Community News: Latest PEAR Releases (03.18.2024)

Community News: Latest PEAR Releases (03.11.2024)

Community News: Latest PECL Releases (03.05.2024)

Community News: Latest PECL Releases (02.27.2024)

Community News: Latest PEAR Releases (02.26.2024)

Community News: Latest PECL Releases (02.20.2024)

Community News: Latest PECL Releases (02.13.2024)

Community News: Latest PEAR Releases (02.12.2024)

Community News: Latest PECL Releases (02.06.2024)

Community News: Latest PECL Releases (01.30.2024)

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Secunia.com:
Mambo Unspecified Bypass Vulnerabilities

byChris Cornutt May 03, 2007 @ 14:38:00

Secunia.com has posted a new advisory today that Mambo users need to sit up and take notice of. There's a vulnerability that's been discovered that could allow the bypassing of security restrictions in the application.

A vulnerability is caused due to insufficient privilege checks in includes/pdf.php. No further information is currently available.

A vulnerability is caused due to insufficient privilege checks in MOStlyDB Admin. Successful exploitation requires valid administrator credentials. No further information is currently available.

If you're using Mambo version 4.6.1 or prior, it's recommended that you update as soon as possible to the latest release, version 4.6.2.