Description: Some vulnerabilities have been reported in Mambo, which can be exploited by malicious people to bypass certain security restrictions.
1) A vulnerability is caused due to insufficient privilege checks in includes/pdf.php. No further information is currently available.
2) A vulnerability is caused due to insufficient privilege checks in MOStlyDB Admin. Successful exploitation requires valid administrator credentials. No further information is currently available.
The vulnerabilities are reported in version 4.6.1. Prior versions may also be affected.
Solution: Update to version 4.6.2.
Provided and/or discovered by: 1) Robert Atkinson
2) Reported by the vendor.
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
