PT-2006-2785 · Mambo · Mambo

Published: 2006-04-17 · Updated: 2017-07-20 · CVE-2006-1794

CVSS v2.0: 7.6 (High)
Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Mambo versions 4.5.3 and 4.5.3h, and possibly earlier versions

Description: The issue allows remote attackers to execute arbitrary SQL commands. The injection points are the $username variable in the mosGetParam() function, the $task parameter in the mosMenuCheck() function in includes/mambo.php, and the $filter variable passed to the showCategory() function in the com_content component (content.php).

Recommendations: For Mambo versions 4.5.3 and 4.5.3h, and possibly earlier versions, consider restricting access to the mosGetParam() and mosMenuCheck() functions, as well as the showCategory() function in the com_content component, until a patch is available. As a temporary workaround, avoid using the $username, $task, and $filter variables in the affected functions and components to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.


Related Identifiers: CVE-2006-1794

Affected Products: Mambo