Mambo a6MamboCredits Component File Inclusion Vulnerability

Posted: Fri Aug 18, 2006 10:45 am
by smart
Secunia Advisory: SA21540
Release Date: 2006-08-18

Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Unpatched

Software: a6MamboCredits 1.x (component for Mambo)
a6MamboCredits 2.x (component for Mambo)

Description:
Charles Nelwan has discovered a vulnerability in the a6MamboCredits component for Mambo, which can be exploited by malicious people to compromise a vulnerable system.

Input passed to the "mosConfig_absolute_path" parameter in administrator/components/com_a6mambocredits/admin.a6mambocredits.php isn't properly verified before it is used to include files. This can be exploited to include arbitrary files from external and local resources.

Successful exploitation requires that "register_globals" is enabled.

The vulnerability has been confirmed in version 2.0.0 and has also been reported in version 1.0.0. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly verified.

Set "register_globals" to "Off".

Read more: http://secunia.com/advisories/21540/
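The include pattern the advisory describes, beside a hardened form, as an added example that is not the component's own code. The included file name config.a6mambocredits.php and the helper a6_trusted_base_path are assumptions; the _VALID_MOS guard is Mambo's standard direct-access check.

```php
<?php
// Added example (not a6MamboCredits code). Shows the unchecked include the
// advisory describes and how a component should build its include paths.

/* ---- Before: the pattern SA21540 describes (do not ship) ----
 * Mambo's configuration.php sets $mosConfig_absolute_path to the install
 * directory. If this file is requested directly, configuration.php never
 * runs, and with register_globals=On PHP fills $mosConfig_absolute_path
 * from the request, so the path given to require_once is attacker-chosen
 * (remote inclusion if allow_url_fopen is on, local inclusion otherwise).
 *
 * require_once($mosConfig_absolute_path
 *     . '/administrator/components/com_a6mambocredits/config.a6mambocredits.php');
 */

// ---- After: hardened form ----
// 1. Refuse direct requests. Mambo defines _VALID_MOS only when a component
//    is loaded through index.php/index2.php, after configuration.php ran.
defined('_VALID_MOS') or die('Direct Access to this location is not allowed.');

// 2. Build include paths from this file's own location, never from a
//    variable that a request could have populated.
require_once(dirname(__FILE__) . '/config.a6mambocredits.php');  // assumed file name

// 3. Defence in depth for code that still needs the configured base path:
//    accept it only if it resolves to exactly the install root this
//    component lives under. URLs and foreign paths fail realpath() or the
//    comparison, so the value is safe even if register_globals is On.
function a6_trusted_base_path($candidate)
{
    // This file sits in <base>/administrator/components/com_a6mambocredits,
    // so the only acceptable value is three directories up from here.
    $expected = realpath(dirname(__FILE__) . '/../../..');
    if ($candidate === '' || $expected === false) {
        return false;
    }
    $real = realpath($candidate);   // false for URLs and non-existent paths
    return ($real !== false && $real === $expected) ? $real : false;
}

$base = a6_trusted_base_path(isset($mosConfig_absolute_path) ? $mosConfig_absolute_path : '');
if ($base === false) {
    die('Invalid mosConfig_absolute_path');
}
```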

Re: Mambo a6MamboCredits Component File Inclusion Vulnerability

Posted: Fri Aug 18, 2006 10:54 am
by user deleted
Thanks,

Will add this to the list: http://forum.joomla.org/index.php/topic,79477.0.html

Regards Robin

Re: Mambo a6MamboCredits Component File Inclusion Vulnerability

Posted: Fri Aug 18, 2006 11:08 am
by infograf768
If similar to A6MamboHelpDesk, that means it is an abandoned extension.

Re: Mambo a6MamboCredits Component File Inclusion Vulnerability

Posted: Sat Aug 19, 2006 12:58 am
by elmoch
You can use JM-Credits instead of a6MamboCredits. JM-Credits doesn't have that vulnerability and is much more configurable than a6MamboCredits.

I hope you like it! ;)

Re: Mambo a6MamboCredits Component File Inclusion Vulnerability

Posted: Sat Aug 19, 2006 6:16 am
by user deleted
I mixed up a6Credits and a6Helpdesk, will restore this today on the list!