Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


More on LinuxToday


Multiple Unpatched Vulnerabilities in Open Source CMS Mambo

Jan 30, 2008, 19:30 (0 Talkback[s])

"SecurityFocus has on Monday reported vulnerabilities in the open source content management system Mambo, which could be exploited by attackers to view confidential information or compromise a system. Four flaws have been found, and as yet no fix has been issued.

"The mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php script fails to correctly filter the content of the file[NewFile][tmp_name] parameter, so that crafted arguments can be used to delete files such as configuration.php on the server..."

Complete Story

Related Stories: