[VIM] vendor ack for "mambo-phphop Product Scroller Module R.F.I"
jericho at attrition.org
Thu Aug 24 05:42:11 EDT 2006
mambo-phpShop Security Alert
Monday, 21 August 2006
This is a security alert for all mambo-phpShop users. If you are still
using mambo-phpShop at an older version than "mambo-phpShop 1.2-stable",
your webshop is at a security risk.
Versions affected: mambo-phpShop 1.1 - 1.2 RC2.
Versions NOT affected: mambo-phpShop 1.2 stable (all patch levels).
Please note that VirtueMart is not affected by this security issue.
What's my mambo-phpShop version?
You can find out which version of mambo-phpShop you have installed by
looking at the file /administrator/components/com_phpshop/version.php of
your Mambo/Joomla installation.
Am I at risk?
The security hole can only be exploited if PHP on your server is running
with "register_globals=on". You can check this setting in Mambo by either
clicking on "System" => "Help" => "System Info", or "System" => "System
More information about the VIM