This is actively being exploited at the moment, concerning a remote code injection in Mambo/Joomla installations. The exploit code searches for index.php?option=com_performs via google and uses a bug in performs.php to execute a remote php script.

As far as I know, this vulnerability is not yet fixed/known by the Mambo developers.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/newsbriefs/248/1206#1206