VID 21543
Severity 40
Port 80, ...
Protocol TCP
Class CGI
Detailed Description Mambo Open Source is vulnerable to unauthorized access. Mambo Open Source (formerly Mambo Site Server) is an Internet portal and content management system. Mambo Open Source versions 4.5.1 and earlier could allow a remote attacker to bypass certain security restrictions. The problem arises from improper implementation of global variables and failure to sanitize user-supplied input data. This vulnerability could be exploited to gain administrative privileges and access the database.

* References:
http://secunia.com/advisories/14124/

* Platforms Affected:
Miro Construct Pty Ltd., Mambo Open Source 4.5.1 and earlier
Any operating system, any version
Recommendation Upgrade to the latest version of Mambo Open Source (4.5.1b or later), available from the MamboForge Web site at http://sourceforge.net/projects/mambo/
Related URL (CVE)
Related URL 12436 (SecurityFocus)
Related URL 19201 (ISS)