This script is Copyright (C) 2011-2014 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
James Bercegay reports :
Mambo is vulnerable to an Authentication Bypass issue that is due to
a SQL Injection in the login function. The SQL Injection is possible
because the $passwd variable is only sanitized when it is not passed
as an argument to the function.
Omid reports :
There are several SQL injections in Mambo 4.6 RC2 & Joomla 1.0.10 (and
maybe other versions) :
- When a user edits a content, the 'id' parameter is not checked
properly in /components/com_content/content.php, which can cause 2 sql
- The 'limit' parameter in the administration section is not checked.
This affects many pages of the administration section.
- In the administration section, while editing/creating a user, the
'gid' parameter is not checked properly.
Update the affected package.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.2
Public Exploit Available : true