The dofreePDF function in includes/pdf.php in Mambo 4.6.1 does not properly check access rights for database content, which allows remote malicious users to read certain content via unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mambo mambo open source 4.6.1 |