These bugs were published in full-disclosure about 2 weeks ago (CVE :
CVE-2007-0373, CVE-2007-0374 and CVE-2007-0375, CVE-2007-0387) .
In Mambo 4.6.1 and Joomla 1.0.11 (and 1.5 Beta) , the 'id' parameter can
cause sql injection when cancelling content editting . Other versions maybe
affected ...
These bugs were published in full-disclosure about 2 weeks ago (CVE :
CVE-2007-0373, CVE-2007-0374 and CVE-2007-0375, CVE-2007-0387) .
In Mambo 4.6.1 and Joomla 1.0.11 (and 1.5 Beta) , the 'id' parameter can
cause sql injection when cancelling content editting . Other versions maybe
affected ...
[ more ]