Investigations by GulfTech Research And Development have revealed a long standing weakness in Mambo that could allow a hacker to compromise sites built on Mambo. The firms findings will be published in about a week's time.


Patched files available for 4.5.3 and 4.5.3h at:
http://source.mambo-foundation.org/Remository/Download/Mambo_Core_Files/Security_Updates/

After tackling the ZenCart security update, I received a notice about a Geeklog security update. Now there's Mambo, all in less than a week. Is this a coincidence?

Geez... haven't even gotten zencart up and running yet :P I guess I'll have to patch it on the local test box!

As far as Mambo, this one seems pretty painless as only two files are changed.