Secunia.com has posted a new advisory today that Mambo users need to sit up and take notice of. There's a vulnerability that's been discovered that could allow the bypassing of security restrictions in the application.
A vulnerability is caused due to insufficient privilege checks in includes/pdf.php. No further information is currently available.
A vulnerability is caused due to insufficient privilege checks in MOStlyDB Admin. Successful exploitation requires valid administrator credentials. No further information is currently available.
If you're using Mambo version 4.6.1 or prior, it's recommended that you update as soon as possible to the latest release, version 4.6.2.